
Old Dell Suddenly Slowing Down



#1
monkeyboyblues


Hi,

Using an old Dell Latitude 6400.

Everything has slowed down including searching on the internet.

Thank you experts for your help in advance!!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-10-2022 02
Ran by Admin (administrator) on E6400 (Dell Inc. Latitude E6400) (03-11-2022 20:02:57)
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2130 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Dell Inc.) [File not signed] [File is in use] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <6>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\AESTSr64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\stacsv64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dasHost.exe
Failed to access process -> dwm.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> GoogleCrashHandler.exe
Failed to access process -> GoogleCrashHandler64.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> WUDFHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-01] (Dell Inc.) [File not signed] [File is in use]
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [592240 2011-01-04] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3217176 2022-10-26] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\sdb2MPC: C:\Windows\System32\spool\prtprocs\x64\sdb2mpc.dll [37376 2012-10-31] (Windows ® Server 2003 DDK provider) [File not signed]
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\SYSTEM32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
HKLM\...\Print\Monitors\sdb2M Langmon: C:\WINDOWS\SYSTEM32\sdb2mlm.dll [34304 2011-09-26] () [File not signed]
HKLM\...\Print\Monitors\sdb2x Langmon: C:\WINDOWS\SYSTEM32\sdb2xlm.dll [34304 2011-09-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{31F6EB2D-A04B-401A-BE3B-0604C2462BA2}] -> MSPACredentialProvider_7.00.33.202204221301.dll
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03E76D3E-AC1D-4455-8EE9-A0031323BE1C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {07FF35EA-5C86-4A7D-8B61-85537E968680} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {0F2B86FB-2155-4393-B8E2-88EF5027860E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15D6CE39-B88A-426E-9531-E17D4F3096FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {241DE746-00E5-48F9-9AF1-C988CE3C0D89} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {2495F688-B89B-438D-9465-24CEA2D862D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31ED96E7-12E9-4AA3-AE48-AC9C15FEE7AA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {326FFD04-FDDC-4069-8526-37D28F51DE2C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-14] (Adobe Inc. -> Adobe)
Task: {3700C63B-5EB8-4B85-A280-FE8B7D257EC9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {3755493B-8642-4A68-AF9F-F787ACB752D5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {3B78CDC3-2C96-46D7-837A-E9C96BC2D4CB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3C3FAC5A-E147-48C0-A2D0-335892C70796} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {45DC34F0-04C3-4B74-9CD4-5D0C4FC2B5A6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A3DC197-C032-4B15-BE7B-B217DFD03F39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {7571DF58-458F-4222-A0B1-CBE2C1C7A4B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {79D63C81-35B2-46A3-9B77-6770925A1C7D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {7C424160-6374-4E80-99C3-3BE7FE39B8B8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {7EEF9173-B582-404A-9CCA-CDC12EF0D38E} - System32\Tasks\{F3035542-602D-49CC-A2A4-4B482E74AC02} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\USWRQITL\DELL_TOUCHPAD----POINTING-ST_A11_R231736[1].exe
Task: {7FA12F49-DE8E-4489-8B11-DA99077410F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8046BC1F-E1F8-4A48-B9E7-41E45AA2D3AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {858A0D97-E482-465D-888D-B999EDC10D68} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {90A3DA29-6DCE-4AB1-BB6B-AA178F8A06DF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {94190FDA-B410-4BCE-ACD0-8CB85A6E0F04} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {98C88774-C977-4AA0-A1BC-B8A5D201D64C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {9DFB6922-93F2-4644-B773-F5655BB2A0F6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A060F7BD-C8B0-44CF-A9FC-395D00C727E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A21DA9C6-2ECC-4B36-8A71-60009A9632C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {A38731AE-0347-4979-AE17-9530C898BE7D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {A880B82B-B0F8-4AB9-8E9D-72EF2B01BDA4} - System32\Tasks\{230103E3-047F-442D-AEE7-2F9D5B3DB970} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Admin\Downloads\IDT_92HDXXX-HD-AUDIO_A04_R302809.exe -d C:\Users\Admin\Downloads
Task: {ADC26AFE-2902-405D-8218-EDC48FC52295} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4961E1B-F09D-47E4-9068-F94596A60F53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B957A03C-659E-405A-A771-48787F7135E9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {BC44CE4E-8493-4630-9BC3-06BBA86B706F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {C6DBF053-00DC-4791-9111-7666AF62D189} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {CB531407-13FF-442C-B5D6-EC8E8CB7DE1A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D3C8E979-F63D-40DA-95DA-5892BBA1082D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC)
Task: {D742D6BF-24AC-40CC-B792-BB9AC755EF65} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {DBDB8660-66C6-4FE7-8487-D30E132E3CB7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe)
Task: {E054FEAA-99C0-4997-9BEB-58B2BD6D5D7E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {E332D4E4-D60E-4362-B31B-A17C38E77B27} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {F14EEEB6-F872-47F9-9717-F8D8C001C0E9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{48f90ba7-95c3-4707-9746-91302525f96b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9992bc72-c55a-4958-a302-4abb522d67bc}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{f3b88faf-88a6-416c-a28f-fcd4d871a462}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-03]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: bjfvrvhs.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\309n7l2u.default-release [2022-11-03]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default [2022-10-21]
FF Homepage: Mozilla\Firefox\Profiles\bjfvrvhs.default -> hxxps://www.ixquick.com/
FF Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default\Extensions\[email protected] [2022-10-10]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2022-11-03]
CHR Notifications: Default -> hxxps://aloha-news.net; hxxps://newssysstem.net
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=ext-chrome&language=english&extVersion=1.1.2
CHR DefaultSearchKeyword: Default -> startpage.com
CHR Extension: (TikTok™ for Desktop & Downloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdphkkecaejjijafinepmkefiegpkdjf [2022-10-31]
CHR Extension: (Resizing App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpiobpcinjhhemgobhjghkakdabddmg [2021-02-15]
CHR Extension: (Startpage - English) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmjlmbojbkmdpofahffgcpkhkngfpef [2021-06-03]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Desktopify) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlhjgcligpbnjphflfdbmabbmjidnmek [2021-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Invite post likers for Facebook™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobofacgjpheigmglnjjlhfolhcamaia [2022-10-19]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe)
R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-01] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2019-12-07] (Microsoft Windows -> Broadcom Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 fanio; C:\Windows\system32\drivers\fanio.sys [23552 2016-06-11] (NGO -> Christian Diefer)
R3 MpKsl601978c3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{975E11CB-EBA7-419D-A205-1B1D1C43A6A7}\MpKslDrv.sys [228632 2022-11-03] (Microsoft Windows -> Microsoft Corporation)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmpx64.sys [67584 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [505856 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-21] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-21] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-21] (Paragon Software GmbH -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469280 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
U3 idsvc; no ImagePath
S3 TASCAM_US1200_USB; \SystemRoot\System32\Drivers\tus1200u.sys [X]
S3 TASCAM_US1200_WDM; \SystemRoot\system32\drivers\tus1200a.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 20:02 - 2022-11-03 20:15 - 000024664 _____ C:\Users\Admin\Downloads\FRST.txt
2022-11-03 20:02 - 2022-11-03 20:02 - 000000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion
2022-11-03 20:00 - 2022-11-03 20:02 - 002374144 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2022-10-31 18:51 - 2022-11-02 13:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-25 13:28 - 2022-10-25 13:28 - 000000744 _____ C:\Users\Admin\Documents\Desktop - Shortcut.lnk
2022-10-23 18:50 - 2022-10-23 18:50 - 000913167 _____ C:\Users\Admin\Downloads\Tiszai_Luca_Preverbal_2019_net.pdf
2022-10-23 12:14 - 2022-10-23 12:14 - 000848539 _____ C:\Users\Admin\Downloads\Tiszai_Luca_Community_2019_net.pdf
2022-10-23 12:14 - 2022-10-23 12:14 - 000000000 _____ C:\Users\Admin\Downloads\JuxHxgwn.htm
2022-10-23 11:39 - 2022-10-23 11:40 - 000895789 _____ C:\Users\Admin\Downloads\TiszaiConsonante.pdf
2022-10-21 20:48 - 2022-11-02 13:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-21 20:48 - 2022-11-01 11:01 - 000000969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-21 20:48 - 2022-10-28 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-21 20:48 - 2022-10-21 20:48 - 000000957 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-10-21 20:38 - 2022-10-21 20:38 - 000351488 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Installer.exe
2022-10-21 08:13 - 2022-10-27 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-12 11:36 - 2022-10-12 11:36 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 11:35 - 2022-10-12 11:35 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 11:35 - 2022-10-12 11:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 11:33 - 2022-10-12 11:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 11:33 - 2022-10-12 11:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 11:31 - 2022-10-12 11:31 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 11:30 - 2022-10-12 11:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 10:04 - 2022-10-12 10:04 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 20:20 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-03 20:12 - 2018-08-09 13:24 - 000000000 ____D C:\FRST
2022-11-03 20:01 - 2016-06-10 18:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-03 19:54 - 2020-09-05 19:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-03 19:54 - 2020-09-05 19:44 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-03 19:29 - 2022-03-28 18:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-03 19:27 - 2017-01-07 14:40 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-11-03 19:10 - 2016-09-20 14:33 - 000000000 ___RD C:\Users\Admin\OneDrive
2022-11-03 19:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-03 18:53 - 2020-09-03 13:42 - 000000000 ____D C:\Users\Admin
2022-11-03 17:44 - 2020-07-13 18:47 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-03 17:44 - 2020-07-13 18:47 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-03 14:04 - 2020-09-03 13:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-02 19:49 - 2020-10-05 16:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-02 19:49 - 2020-09-03 14:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-02 13:44 - 2018-06-23 22:18 - 000008051 _____ C:\WINDOWS\BRRBCOM.INI
2022-11-02 13:27 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-02 13:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-11-02 13:15 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-02 09:22 - 2018-04-14 00:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-01 12:13 - 2022-02-26 13:09 - 000002383 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-01 12:13 - 2021-12-16 19:07 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2494090995-947898825-4045838511-1003
2022-11-01 12:13 - 2020-09-03 14:18 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494090995-947898825-4045838511-1003
2022-10-30 10:19 - 2020-11-06 13:25 - 000000000 ____D C:\Users\Admin\Desktop\iNDEPRENUER
2022-10-27 18:50 - 2017-03-07 20:31 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2022-10-21 09:42 - 2022-08-02 10:29 - 000050176 ____H C:\Users\Admin\Documents\~WRL3770.tmp
2022-10-14 20:18 - 2020-09-05 19:42 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-14 20:18 - 2020-09-05 19:42 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-13 07:47 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-13 07:43 - 2020-09-03 13:56 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-12 21:59 - 2020-09-03 13:31 - 000310360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 21:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 21:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 21:49 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-12 21:49 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 21:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 12:08 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-12 12:02 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 12:02 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 11:34 - 2016-05-12 14:32 - 000415690 __RSH C:\bootmgr
2022-10-12 11:27 - 2020-09-03 13:38 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 09:46 - 2016-06-12 17:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 09:25 - 2016-06-12 17:22 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02
Ran by Admin (03-11-2022 20:24:53)
Running from C:\Users\Admin\Downloads
Microsoft Windows 10 Pro Version 21H1 19043.2130 (X64) (2020-09-03 18:21:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2494090995-947898825-4045838511-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2494090995-947898825-4045838511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494090995-947898825-4045838511-503 - Limited - Disabled)
Guest (S-1-5-21-2494090995-947898825-4045838511-501 - Limited - Disabled)
jadeh (S-1-5-21-2494090995-947898825-4045838511-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2494090995-947898825-4045838511-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{A17C3197-24C9-493B-BB9A-A73800A0B61A}) (Version: 1.6.0.1 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{AE0056FC-36C2-4C09-B9BB-9111617914EA}) (Version: 1.0.11.11 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CDBurnerXP (64 bit) (HKLM\...\{7B8B3EDE-B54A-4DF5-A689-0042ED2661CC}) (Version: 4.5.6.6059 - Canneverbe Limited)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{2DBE349F-FF05-42FE-81A9-2B3A0EC22BBE}) (Version: 1.62.0 - OEM) Hidden
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version:  3.1 - Acro Software Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{55E79447-F6B0-46CB-9F58-F82DAC9C2286}) (Version: 2.1.2.187 - Broadcom Corporation)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.108 - ALPS ELECTRIC CO., LTD.)
DeviceDetect (HKLM-x32\...\{FF45CD35-CEAA-4B57-81DA-8F215B9249CB}) (Version: 1.4.2.0 - Brother Industries Ltd.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
Easy Photo Scan (HKLM-x32\...\{61D1B0E8-8651-4AF3-8E8F-3EA3C0C9E8F7}) (Version: 1.00.0003 - Seiko Epson Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
I8kfanGUI V3.1 (x64) (HKLM-x32\...\I8kfanGUI) (Version: 3.1 - Christian Diefer)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6227.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\OneDriveSetup.exe) (Version: 22.217.1016.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 106.0.3 (x64 en-US)) (Version: 106.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 106.0.1 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{A09D951F-4BA3-4383-97B3-D1B91835E779}) (Version: 4.17.9800 - Apache Software Foundation)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC-FAXReceive (HKLM-x32\...\{DD40894F-7575-4905-90AB-695FD827E358}) (Version: 1.4.24.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{63530B2D-3A34-4D79-A52D-F3EB5D99A7C1}) (Version: 1.1.1.1 - Brother Industries Ltd.) Hidden
RemoteSetup (HKLM-x32\...\{BDD8C463-1183-4A91-9EC8-BF68E4ECA9B6}) (Version: 3.9.2.1 - Brother Industries Ltd.) Hidden
RICOH Media Driver ver.2.07.01.01 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.01 - RICOH)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
Telegram Desktop (HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
US-1200 drivers (HKLM\...\USB_AUDIO_DEusb-audio.deTascamUS1200) (Version:  - )
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
XMind 6 (v3.5.2) (HKLM-x32\...\XMind_is1) (Version: 3.5.2.201504270119 - XMind Ltd.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Corporation)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-06-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\SYSTEM32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\SYSTEM32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\SYSTEM32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SYSTEM32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\SYSTEM32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\SYSTEM32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\SYSTEM32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\SYSTEM32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\SYSTEM32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc. -> Belarc, Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2018-09-25 20:01 - 000000842 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2494090995-947898825-4045838511-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\4Slow Motion.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33692514-9F66-477D-B585-0B100C838916}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5BA17F-170C-4D81-BF86-081CB9604A0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7E174D5-0472-484B-8C6B-0C211E136CB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35C84583-330A-43AE-8C58-C2CB9EC910AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51DDEE1E-22B2-4D85-8D06-48ED181D0720}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B7FBF0DF-FA7E-4F78-AAA0-E1002B119398}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{8A46E546-8071-438B-ACB0-C3EA746974E9}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0C286CAD-1205-442D-B0BB-FFF717E716CF}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{3BDC4358-789A-4D3D-8EE7-51636159FF50}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe => No File
FirewallRules: [{0A8C659A-D2C7-498F-BE09-75C8AA1A8865}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8DE3E9E8-DC49-4014-AF85-EFD14F28E6D1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4265F33-FC3D-4288-9D2F-D0CFA046C2D4}] => (Allow) C:\Program Files (x86)\Dell\Dell Printer Manager\uninstall.exe => No File
FirewallRules: [{1647560B-AE52-4A98-B9B5-4099F72BF5A2}] => (Allow) C:\Program Files (x86)\Dell\Dell Printer Manager\uninstall.exe => No File
FirewallRules: [{F291C2B2-3437-490D-BBFC-956C51E065D2}] => (Allow) C:\Program Files (x86)\Dell\Dell B1160w Mono Laser Printer\TORDER\uninstall.exe => No File
FirewallRules: [{5FC54622-E36B-4C3E-88ED-3855D9232B5A}] => (Allow) C:\Program Files (x86)\Dell\Dell B1160w Mono Laser Printer\TORDER\uninstall.exe => No File
FirewallRules: [{3AD2B4F6-8713-485C-90C9-9FCDE91A1EFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{87C22761-FE5C-4347-ACFE-E2B71B09D3FA}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe => No File
FirewallRules: [{4E0A4BC7-CFF1-48E4-8559-955CD478F34A}] => (Allow) LPort=54925
FirewallRules: [{4DF1B6A4-2305-407F-BA77-0B631F20D4BB}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{A006EDAC-06DF-4D88-88A1-E6F571D4ECA3}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{450D4299-B455-4B7F-924E-A738C871E9A4}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe => No File
FirewallRules: [{6A419DF9-5A6A-435F-BEF2-DE53CBA4B70F}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe => No File
FirewallRules: [{BBEB3DA7-CC67-41E6-99FF-4DD192D70F89}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{0AAC38FC-9084-4CEF-87EF-38E70871593A}] => (Allow) C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService\BASupSrvc.exe (N-ABLE TECHNOLOGIES LTD -> N-able Take Control)
FirewallRules: [{1B582306-1A03-4580-A736-979B40D46A80}] => (Allow) C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService\BASupSrvc.exe (N-ABLE TECHNOLOGIES LTD -> N-able Take Control)
FirewallRules: [{039CB3D8-6302-4D9C-8F7B-40340CE29955}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B5CDD456-7239-4141-BB0C-A84D3677B259}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9BC198F-1F5D-4220-A4F7-EEC3384CA341}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.26\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A1850AA-F620-4ADB-A502-6F6849B33ECA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:76.86 GB) (Free:23.78 GB) (31%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2022 07:14:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.226.3.17610, time stamp: 0x59f890a3
Faulting module name: libcef.dll, version: 3.2623.1401.0, time stamp: 0x576c32c7
Exception code: 0x80000003
Fault offset: 0x00a9ccd7
Faulting process id: 0x23bc
Faulting application start time: 0x01d8efd88d47906c
Faulting application path: C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
Faulting module path: C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
Report Id: 72fb7f6d-c91b-4e6f-b04f-a86af0f31027
Faulting package full name:
Faulting package-relative application ID:

Error: (11/03/2022 08:53:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1578

Start Time: 01d8ef2032b8b81a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: d7fe1b4a-3124-43be-b2e6-c382c877a74a

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 08:39:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: a78

Start Time: 01d8ef19670f0d0a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: c94d5538-43bf-4997-a7e8-3e290d4c3217

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 08:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.226.3.17610, time stamp: 0x59f890a3
Faulting module name: libcef.dll, version: 3.2623.1401.0, time stamp: 0x576c32c7
Exception code: 0x80000003
Fault offset: 0x00a9ccd7
Faulting process id: 0x1d58
Faulting application start time: 0x01d8ef16a6317da3
Faulting application path: C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
Faulting module path: C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
Report Id: 127ccbad-306f-437d-8746-a462a610d62b
Faulting package full name:
Faulting package-relative application ID:

Error: (11/02/2022 06:48:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1650

Start Time: 01d8ef0d212501dd

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 71ee3ac3-e2a1-4177-8965-b2f07fd739b9

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 06:10:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 17bc

Start Time: 01d8eee284da8c57

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 7ad2fd4c-0d6c-490f-b347-100892297f54

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 06:06:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1138

Start Time: 01d8ef07070cc475

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: dbeccbc8-fa1b-4c56-b8e1-f9a4307173ec

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (11/02/2022 01:32:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.226.3.17610, time stamp: 0x59f890a3
Faulting module name: libcef.dll, version: 3.2623.1401.0, time stamp: 0x576c32c7
Exception code: 0x80000003
Fault offset: 0x00a9ccd7
Faulting process id: 0x1e74
Faulting application start time: 0x01d8eedfce44a82e
Faulting application path: C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
Faulting module path: C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
Report Id: dd0ab241-1faa-4bb6-84ca-363e8d959dac
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (11/03/2022 07:07:00 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca did not register with DCOM within the required timeout.

Error: (11/03/2022 06:52:05 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:52:02 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:58 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:56 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:55 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:53 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:50 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-11-03 12:19:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-03 09:43:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-02 21:02:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-02 20:30:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-02 19:31:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-11-01 18:19:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1084.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2022-10-26 20:52:07
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.859.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-10-07 15:09:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1690.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-10-03 18:27:34
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1451.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-09-23 13:41:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.854.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2022-11-02 20:22:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-02 20:22:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-19 11:32:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-19 11:32:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A34 06/04/2013
Motherboard: Dell Inc. 0U692R
Processor: Intel® Core™2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 82%
Total physical RAM: 4047.91 MB
Available physical RAM: 705.94 MB
Total Virtual: 8143.91 MB
Available Virtual: 4029.12 MB

==================== Drives ================================

Drive c: (APPS) (Fixed) (Total:76.86 GB) (Free:23.78 GB) (Model: ST9160310AS ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:65.99 GB) (Free:44.63 GB) (Model: ST9160310AS ATA Device) NTFS

\\?\Volume{3cfa46bc-0000-0000-0000-103713000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{3cfa46bc-0000-0000-0000-206c13000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 3CFA46BC)
Partition 1: (Active) - (Size=76.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=848 MB) - (Type=27)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=66 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================


Edited by monkeyboyblues, 03 November 2022 - 06:36 PM.



#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Don't see any malware.  You do have Test Signing turned on which lets it load unsigned drivers.  Is that something you need?

 

You also have removed AVG but unfortunately it left a lot of entries still active and they are causing errors.  

 

You are using Startpage.com for your searches.  Is that something you chose to use or did it get foisted on you?

 

Your Windows search is also acting up so try resetting the search index:

 

https://winbuzzer.co...dows-10-xcxwbt/

You may also want to run the Search troubleshooter which is referenced in the above article.

 

Let's use a fixlist to remove a bunch of AVG entries and a lot of deadwood.  The fix will also check your system files.  Will take about 30 minutes if you have a decent Internet connection and will reboot when done.

 

 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   15.43KB   108 downloads
 
Run FRST (make sure you right click on it and Run As Admin!)  and press Fix
A fix log will be generated; please post that.
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
Assuming it is still slow we can run some more tests and collect some more data.
 
Multiple replies are OK.  Best to post a log as you get it.
 
Get Process Explorer
 
 
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users 
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
 
Get the free version of Speccy:
 
 
(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
 
Latency Monitor:
 
Go to
 
 
Scroll down to
 
System Monitoring Tools
 
and then find
 
LatencyMon 7.0 (or it may be a higher number if they update)
 
Click on Download free home edition
 
Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it. 
 
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  
 
 
Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it. 
 


#3
monkeyboyblues

    Member

  • Topic Starter
  • 146 posts

I did the "Fix" and then rebooted but no log appeared.

 

The following is the log from the "Scan" I did after the "Fix" and reboot:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2022
Ran by Admin (administrator) on E6400 (Dell Inc. Latitude E6400) (04-11-2022 12:11:38)
Running from C:\Users\Admin\Downloads\FRST-OlderVersion
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2130 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Dell Inc.) [File not signed] [File is in use] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\AESTSr64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\stacsv64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-01] (Dell Inc.) [File not signed] [File is in use]
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [592240 2011-01-04] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\sdb2MPC: C:\Windows\System32\spool\prtprocs\x64\sdb2mpc.dll [37376 2012-10-31] (Windows ® Server 2003 DDK provider) [File not signed]
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\SYSTEM32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
HKLM\...\Print\Monitors\sdb2M Langmon: C:\WINDOWS\SYSTEM32\sdb2mlm.dll [34304 2011-09-26] () [File not signed]
HKLM\...\Print\Monitors\sdb2x Langmon: C:\WINDOWS\SYSTEM32\sdb2xlm.dll [34304 2011-09-25] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{31F6EB2D-A04B-401A-BE3B-0604C2462BA2}] -> MSPACredentialProvider_7.00.33.202204221301.dll
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03E76D3E-AC1D-4455-8EE9-A0031323BE1C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {07FF35EA-5C86-4A7D-8B61-85537E968680} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {0F2B86FB-2155-4393-B8E2-88EF5027860E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15D6CE39-B88A-426E-9531-E17D4F3096FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2495F688-B89B-438D-9465-24CEA2D862D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31ED96E7-12E9-4AA3-AE48-AC9C15FEE7AA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {326FFD04-FDDC-4069-8526-37D28F51DE2C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-14] (Adobe Inc. -> Adobe)
Task: {3C3FAC5A-E147-48C0-A2D0-335892C70796} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A3DC197-C032-4B15-BE7B-B217DFD03F39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {7C424160-6374-4E80-99C3-3BE7FE39B8B8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {7EEF9173-B582-404A-9CCA-CDC12EF0D38E} - System32\Tasks\{F3035542-602D-49CC-A2A4-4B482E74AC02} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\USWRQITL\DELL_TOUCHPAD----POINTING-ST_A11_R231736[1].exe
Task: {7FA12F49-DE8E-4489-8B11-DA99077410F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A880B82B-B0F8-4AB9-8E9D-72EF2B01BDA4} - System32\Tasks\{230103E3-047F-442D-AEE7-2F9D5B3DB970} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Admin\Downloads\IDT_92HDXXX-HD-AUDIO_A04_R302809.exe -d C:\Users\Admin\Downloads
Task: {ADC26AFE-2902-405D-8218-EDC48FC52295} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D3C8E979-F63D-40DA-95DA-5892BBA1082D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-13] (Google LLC -> Google LLC)
Task: {DBDB8660-66C6-4FE7-8487-D30E132E3CB7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe)
Task: {F14EEEB6-F872-47F9-9717-F8D8C001C0E9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{48f90ba7-95c3-4707-9746-91302525f96b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9992bc72-c55a-4958-a302-4abb522d67bc}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{f3b88faf-88a6-416c-a28f-fcd4d871a462}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-04]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: bjfvrvhs.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\309n7l2u.default-release [2022-11-04]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default [2022-10-21]
FF Homepage: Mozilla\Firefox\Profiles\bjfvrvhs.default -> hxxps://www.ixquick.com/
FF Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default\Extensions\[email protected] [2022-10-10]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bjfvrvhs.default\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-09-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-14] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2022-11-04]
CHR Notifications: Default -> hxxps://aloha-news.net; hxxps://newssysstem.net
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=ext-chrome&language=english&extVersion=1.1.2
CHR DefaultSearchKeyword: Default -> startpage.com
CHR Extension: (TikTok™ for Desktop & Downloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdphkkecaejjijafinepmkefiegpkdjf [2022-10-31]
CHR Extension: (Resizing App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpiobpcinjhhemgobhjghkakdabddmg [2021-02-15]
CHR Extension: (Startpage - English) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmjlmbojbkmdpofahffgcpkhkngfpef [2021-06-03]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Desktopify) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlhjgcligpbnjphflfdbmabbmjidnmek [2021-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Invite post likers for Facebook™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobofacgjpheigmglnjjlhfolhcamaia [2022-10-19]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-14] (Adobe Inc. -> Adobe)
R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-01] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2019-12-07] (Microsoft Windows -> Broadcom Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 fanio; C:\Windows\system32\drivers\fanio.sys [23552 2016-06-11] (NGO -> Christian Diefer)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmpx64.sys [67584 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [505856 2010-03-09] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-21] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-21] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-21] (Paragon Software GmbH -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469280 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
U3 idsvc; no ImagePath
S3 TASCAM_US1200_USB; \SystemRoot\System32\Drivers\tus1200u.sys [X]
S3 TASCAM_US1200_WDM; \SystemRoot\system32\drivers\tus1200a.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-04 10:19 - 2022-11-04 11:20 - 000024308 _____ C:\Users\Admin\Downloads\Fixlog.txt
2022-11-04 10:13 - 2022-11-04 10:19 - 000007901 _____ C:\Users\Admin\Downloads\fixlist.txt
2022-11-04 08:29 - 2022-11-04 12:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-03 20:24 - 2022-11-03 20:34 - 000034324 _____ C:\Users\Admin\Downloads\Addition.txt
2022-11-03 20:02 - 2022-11-04 12:11 - 000000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion
2022-11-03 20:02 - 2022-11-03 20:34 - 000032065 _____ C:\Users\Admin\Downloads\FRST.txt
2022-11-03 20:00 - 2022-11-04 10:18 - 002374656 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2022-10-25 13:28 - 2022-10-25 13:28 - 000000744 _____ C:\Users\Admin\Documents\Desktop - Shortcut.lnk
2022-10-23 18:50 - 2022-10-23 18:50 - 000913167 _____ C:\Users\Admin\Downloads\Tiszai_Luca_Preverbal_2019_net.pdf
2022-10-23 12:14 - 2022-10-23 12:14 - 000848539 _____ C:\Users\Admin\Downloads\Tiszai_Luca_Community_2019_net.pdf
2022-10-23 12:14 - 2022-10-23 12:14 - 000000000 _____ C:\Users\Admin\Downloads\JuxHxgwn.htm
2022-10-23 11:39 - 2022-10-23 11:40 - 000895789 _____ C:\Users\Admin\Downloads\TiszaiConsonante.pdf
2022-10-21 20:48 - 2022-11-04 12:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-21 20:48 - 2022-11-04 12:03 - 000000969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-21 20:48 - 2022-10-28 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-21 20:48 - 2022-10-21 20:48 - 000000957 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-10-21 20:38 - 2022-10-21 20:38 - 000351488 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Installer.exe
2022-10-21 08:13 - 2022-10-27 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-12 11:36 - 2022-10-12 11:36 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 11:35 - 2022-10-12 11:35 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 11:35 - 2022-10-12 11:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 11:33 - 2022-10-12 11:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 11:33 - 2022-10-12 11:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 11:31 - 2022-10-12 11:31 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 11:30 - 2022-10-12 11:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 10:04 - 2022-10-12 10:04 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-04 12:51 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-04 12:30 - 2018-08-09 13:24 - 000000000 ____D C:\FRST
2022-11-04 12:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-04 12:06 - 2022-03-28 18:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-04 12:04 - 2017-01-07 14:40 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-11-04 12:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-04 12:00 - 2016-06-10 18:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-04 11:59 - 2016-09-20 14:33 - 000000000 ___RD C:\Users\Admin\OneDrive
2022-11-04 11:51 - 2020-09-03 14:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-04 11:50 - 2020-10-05 16:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-04 11:49 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-04 11:48 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-04 11:15 - 2020-09-03 13:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-04 10:19 - 2020-09-03 14:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-11-03 19:54 - 2020-09-05 19:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-03 19:54 - 2020-09-05 19:44 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-03 18:53 - 2020-09-03 13:42 - 000000000 ____D C:\Users\Admin
2022-11-03 17:44 - 2020-07-13 18:47 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-03 17:44 - 2020-07-13 18:47 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-02 13:44 - 2018-06-23 22:18 - 000008051 _____ C:\WINDOWS\BRRBCOM.INI
2022-11-02 13:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-11-02 09:22 - 2018-04-14 00:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-01 12:13 - 2022-02-26 13:09 - 000002383 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-01 12:13 - 2021-12-16 19:07 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2494090995-947898825-4045838511-1003
2022-11-01 12:13 - 2020-09-03 14:18 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494090995-947898825-4045838511-1003
2022-10-30 10:19 - 2020-11-06 13:25 - 000000000 ____D C:\Users\Admin\Desktop\iNDEPRENUER
2022-10-27 18:50 - 2017-03-07 20:31 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2022-10-21 09:42 - 2022-08-02 10:29 - 000050176 ____H C:\Users\Admin\Documents\~WRL3770.tmp
2022-10-14 20:18 - 2020-09-05 19:42 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-14 20:18 - 2020-09-05 19:42 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-13 07:47 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-13 07:43 - 2020-09-03 13:56 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-12 21:59 - 2020-09-03 13:31 - 000310360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 21:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 21:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 21:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 21:49 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-12 21:49 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 21:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 12:02 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 12:02 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 11:34 - 2016-05-12 14:32 - 000415690 __RSH C:\bootmgr
2022-10-12 11:27 - 2020-09-03 13:38 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 09:46 - 2016-06-12 17:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 09:25 - 2016-06-12 17:22 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2022
Ran by Admin (04-11-2022 12:57:37)
Running from C:\Users\Admin\Downloads\FRST-OlderVersion
Microsoft Windows 10 Pro Version 21H1 19043.2130 (X64) (2020-09-03 18:21:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2494090995-947898825-4045838511-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2494090995-947898825-4045838511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494090995-947898825-4045838511-503 - Limited - Disabled)
Guest (S-1-5-21-2494090995-947898825-4045838511-501 - Limited - Disabled)
jadeh (S-1-5-21-2494090995-947898825-4045838511-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2494090995-947898825-4045838511-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{A17C3197-24C9-493B-BB9A-A73800A0B61A}) (Version: 1.6.0.1 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{AE0056FC-36C2-4C09-B9BB-9111617914EA}) (Version: 1.0.11.11 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CDBurnerXP (64 bit) (HKLM\...\{7B8B3EDE-B54A-4DF5-A689-0042ED2661CC}) (Version: 4.5.6.6059 - Canneverbe Limited)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{2DBE349F-FF05-42FE-81A9-2B3A0EC22BBE}) (Version: 1.62.0 - OEM) Hidden
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version:  3.1 - Acro Software Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{55E79447-F6B0-46CB-9F58-F82DAC9C2286}) (Version: 2.1.2.187 - Broadcom Corporation)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.108 - ALPS ELECTRIC CO., LTD.)
DeviceDetect (HKLM-x32\...\{FF45CD35-CEAA-4B57-81DA-8F215B9249CB}) (Version: 1.4.2.0 - Brother Industries Ltd.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
Easy Photo Scan (HKLM-x32\...\{61D1B0E8-8651-4AF3-8E8F-3EA3C0C9E8F7}) (Version: 1.00.0003 - Seiko Epson Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
I8kfanGUI V3.1 (x64) (HKLM-x32\...\I8kfanGUI) (Version: 3.1 - Christian Diefer)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6227.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\OneDriveSetup.exe) (Version: 22.217.1016.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 106.0.4 (x64 en-US)) (Version: 106.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 106.0.1 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{A09D951F-4BA3-4383-97B3-D1B91835E779}) (Version: 4.17.9800 - Apache Software Foundation)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC-FAXReceive (HKLM-x32\...\{DD40894F-7575-4905-90AB-695FD827E358}) (Version: 1.4.24.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{63530B2D-3A34-4D79-A52D-F3EB5D99A7C1}) (Version: 1.1.1.1 - Brother Industries Ltd.) Hidden
RemoteSetup (HKLM-x32\...\{BDD8C463-1183-4A91-9EC8-BF68E4ECA9B6}) (Version: 3.9.2.1 - Brother Industries Ltd.) Hidden
RICOH Media Driver ver.2.07.01.01 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.01 - RICOH)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
Telegram Desktop (HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
US-1200 drivers (HKLM\...\USB_AUDIO_DEusb-audio.deTascamUS1200) (Version:  - )
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
XMind 6 (v3.5.2) (HKLM-x32\...\XMind_is1) (Version: 3.5.2.201504270119 - XMind Ltd.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Corporation)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-06-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\SYSTEM32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\SYSTEM32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\SYSTEM32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SYSTEM32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\SYSTEM32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\SYSTEM32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\SYSTEM32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\SYSTEM32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\SYSTEM32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\SYSTEM32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\SYSTEM32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-02-27 16:38 - 2009-02-27 16:38 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-06-23 22:19 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2016-06-15 11:20 - 2011-09-26 01:27 - 000034304 _____ () [File not signed] C:\WINDOWS\System32\sdb2mlm.dll
2016-06-15 11:20 - 2011-09-25 03:14 - 000034304 _____ () [File not signed] C:\WINDOWS\System32\sdb2xlm.dll
2016-06-10 18:44 - 2010-02-01 23:20 - 000060928 _____ (Broadcom Corporation) [File not signed] [File is in use] C:\Program Files\Dell\DW WLAN Card\bcmwlrmt.dll
2016-06-10 18:44 - 2010-02-01 23:21 - 000073728 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wltrynt.dll
2014-11-13 18:55 - 2014-11-13 18:55 - 000461824 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2010-09-29 17:07 - 2010-09-29 17:07 - 000180224 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2011-02-28 11:32 - 2011-02-28 11:32 - 000208896 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2013-10-10 21:55 - 2013-10-10 21:55 - 002040320 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2015-01-29 16:46 - 2015-01-29 16:46 - 000137728 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2014-09-09 09:38 - 2014-09-09 09:38 - 000083968 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2014-09-09 09:38 - 2014-09-09 09:38 - 017974784 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2014-09-09 09:39 - 2014-09-09 09:39 - 000080896 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2018-06-23 22:19 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2016-06-15 11:22 - 2012-10-31 02:12 - 000037376 _____ (Windows ® Server 2003 DDK provider) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\sdb2mpc.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc. -> Belarc, Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2018-09-25 20:01 - 000000842 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2494090995-947898825-4045838511-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\4Slow Motion.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33692514-9F66-477D-B585-0B100C838916}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5BA17F-170C-4D81-BF86-081CB9604A0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7E174D5-0472-484B-8C6B-0C211E136CB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35C84583-330A-43AE-8C58-C2CB9EC910AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A8C659A-D2C7-498F-BE09-75C8AA1A8865}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8DE3E9E8-DC49-4014-AF85-EFD14F28E6D1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4E0A4BC7-CFF1-48E4-8559-955CD478F34A}] => (Allow) LPort=54925
FirewallRules: [{4DF1B6A4-2305-407F-BA77-0B631F20D4BB}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{A006EDAC-06DF-4D88-88A1-E6F571D4ECA3}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{039CB3D8-6302-4D9C-8F7B-40340CE29955}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B5CDD456-7239-4141-BB0C-A84D3677B259}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9BC198F-1F5D-4220-A4F7-EEC3384CA341}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.26\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A1850AA-F620-4ADB-A502-6F6849B33ECA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:76.86 GB) (Free:23.71 GB) (31%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/04/2022 12:30:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2022.30070.26007.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1a6c

Start Time: 01d8f06a08d63e52

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Report Id: 98a49342-b2f2-4498-a2b9-e18d5e3fddc9

Faulting package full name: Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (11/03/2022 07:14:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.226.3.17610, time stamp: 0x59f890a3
Faulting module name: libcef.dll, version: 3.2623.1401.0, time stamp: 0x576c32c7
Exception code: 0x80000003
Fault offset: 0x00a9ccd7
Faulting process id: 0x23bc
Faulting application start time: 0x01d8efd88d47906c
Faulting application path: C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
Faulting module path: C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
Report Id: 72fb7f6d-c91b-4e6f-b04f-a86af0f31027
Faulting package full name:
Faulting package-relative application ID:

Error: (11/03/2022 08:53:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1578

Start Time: 01d8ef2032b8b81a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: d7fe1b4a-3124-43be-b2e6-c382c877a74a

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 08:39:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: a78

Start Time: 01d8ef19670f0d0a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: c94d5538-43bf-4997-a7e8-3e290d4c3217

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 08:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.226.3.17610, time stamp: 0x59f890a3
Faulting module name: libcef.dll, version: 3.2623.1401.0, time stamp: 0x576c32c7
Exception code: 0x80000003
Fault offset: 0x00a9ccd7
Faulting process id: 0x1d58
Faulting application start time: 0x01d8ef16a6317da3
Faulting application path: C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
Faulting module path: C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
Report Id: 127ccbad-306f-437d-8746-a462a610d62b
Faulting package full name:
Faulting package-relative application ID:

Error: (11/02/2022 06:48:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1650

Start Time: 01d8ef0d212501dd

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 71ee3ac3-e2a1-4177-8965-b2f07fd739b9

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 06:10:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 17bc

Start Time: 01d8eee284da8c57

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 7ad2fd4c-0d6c-490f-b347-100892297f54

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

Error: (11/02/2022 06:06:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1138

Start Time: 01d8ef07070cc475

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: dbeccbc8-fa1b-4c56-b8e1-f9a4307173ec

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce


System errors:
=============
Error: (11/04/2022 11:59:21 AM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca did not register with DCOM within the required timeout.

Error: (11/04/2022 11:51:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Error: (11/04/2022 11:21:57 AM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca did not register with DCOM within the required timeout.

Error: (11/03/2022 07:07:00 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca did not register with DCOM within the required timeout.

Error: (11/03/2022 06:52:05 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:52:02 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:58 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (11/03/2022 06:51:56 PM) (Source: DCOM) (EventID: 10010) (User: E6400)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-11-04 08:47:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-03 12:19:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-03 09:43:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-02 21:02:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-11-02 20:30:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-11-01 18:19:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1084.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2022-10-26 20:52:07
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.859.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-10-07 15:09:19
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1690.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-10-03 18:27:34
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1451.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2022-09-23 13:41:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.854.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2022-11-02 20:22:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-02 20:22:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-19 11:32:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-19 11:32:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A34 06/04/2013
Motherboard: Dell Inc. 0U692R
Processor: Intel® Core™2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 81%
Total physical RAM: 4047.91 MB
Available physical RAM: 750.87 MB
Total Virtual: 8143.91 MB
Available Virtual: 4002.74 MB

==================== Drives ================================

Drive c: (APPS) (Fixed) (Total:76.86 GB) (Free:23.71 GB) (Model: ST9160310AS ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:65.99 GB) (Free:44.63 GB) (Model: ST9160310AS ATA Device) NTFS

\\?\Volume{3cfa46bc-0000-0000-0000-103713000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{3cfa46bc-0000-0000-0000-206c13000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 3CFA46BC)
Partition 1: (Active) - (Size=76.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=848 MB) - (Type=27)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=66 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================


#4
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Looks like it may have timed out rather than completing as it did not get around to clearing the alarms before the reboot.

 

Fixlog is at: C:\Users\Admin\Downloads\Fixlog.txt.  Can you please post it?


#5
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • 146 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2022
Ran by Admin (04-11-2022 10:19:54) Run:1
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2494090995-947898825-4045838511-1003\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3217176 2022-10-26] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Task: {241DE746-00E5-48F9-9AF1-C988CE3C0D89} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {3700C63B-5EB8-4B85-A280-FE8B7D257EC9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {3755493B-8642-4A68-AF9F-F787ACB752D5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {3B78CDC3-2C96-46D7-837A-E9C96BC2D4CB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {45DC34F0-04C3-4B74-9CD4-5D0C4FC2B5A6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {7571DF58-458F-4222-A0B1-CBE2C1C7A4B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {79D63C81-35B2-46A3-9B77-6770925A1C7D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {8046BC1F-E1F8-4A48-B9E7-41E45AA2D3AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {858A0D97-E482-465D-888D-B999EDC10D68} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {90A3DA29-6DCE-4AB1-BB6B-AA178F8A06DF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {94190FDA-B410-4BCE-ACD0-8CB85A6E0F04} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {98C88774-C977-4AA0-A1BC-B8A5D201D64C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {9DFB6922-93F2-4644-B773-F5655BB2A0F6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A060F7BD-C8B0-44CF-A9FC-395D00C727E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A21DA9C6-2ECC-4B36-8A71-60009A9632C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {A38731AE-0347-4979-AE17-9530C898BE7D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {B4961E1B-F09D-47E4-9068-F94596A60F53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B957A03C-659E-405A-A771-48787F7135E9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {BC44CE4E-8493-4630-9BC3-06BBA86B706F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {C6DBF053-00DC-4791-9111-7666AF62D189} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {CB531407-13FF-442C-B5D6-EC8E8CB7DE1A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D742D6BF-24AC-40CC-B792-BB9AC755EF65} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {E054FEAA-99C0-4997-9BEB-58B2BD6D5D7E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {E332D4E4-D60E-4362-B31B-A17C38E77B27} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
FirewallRules: [{51DDEE1E-22B2-4D85-8D06-48ED181D0720}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B7FBF0DF-FA7E-4F78-AAA0-E1002B119398}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{8A46E546-8071-438B-ACB0-C3EA746974E9}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0C286CAD-1205-442D-B0BB-FFF717E716CF}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{3BDC4358-789A-4D3D-8EE7-51636159FF50}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe => No File
FirewallRules: [{C4265F33-FC3D-4288-9D2F-D0CFA046C2D4}] => (Allow) C:\Program Files (x86)\Dell\Dell Printer Manager\uninstall.exe => No File
FirewallRules: [{1647560B-AE52-4A98-B9B5-4099F72BF5A2}] => (Allow) C:\Program Files (x86)\Dell\Dell Printer Manager\uninstall.exe => No File
FirewallRules: [{F291C2B2-3437-490D-BBFC-956C51E065D2}] => (Allow) C:\Program Files (x86)\Dell\Dell B1160w Mono Laser Printer\TORDER\uninstall.exe => No File
FirewallRules: [{5FC54622-E36B-4C3E-88ED-3855D9232B5A}] => (Allow) C:\Program Files (x86)\Dell\Dell B1160w Mono Laser Printer\TORDER\uninstall.exe => No File
FirewallRules: [{3AD2B4F6-8713-485C-90C9-9FCDE91A1EFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{87C22761-FE5C-4347-ACFE-E2B71B09D3FA}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe => No File
FirewallRules: [{450D4299-B455-4B7F-924E-A738C871E9A4}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe => No File
FirewallRules: [{6A419DF9-5A6A-435F-BEF2-DE53CBA4B70F}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe => No File
FirewallRules: [{BBEB3DA7-CC67-41E6-99FF-4DD192D70F89}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{0AAC38FC-9084-4CEF-87EF-38E70871593A}] => (Allow) C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService\BASupSrvc.exe (N-ABLE TECHNOLOGIES LTD -> N-able Take Control)
FirewallRules: [{1B582306-1A03-4580-A736-979B40D46A80}] => (Allow) C:\Program Files (x86)\BeAnywhere Support Express\GetSupportService\BASupSrvc.exe (N-ABLE TECHNOLOGIES LTD -> N-able Take Control)
C:\Program Files (x86)\AVG
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvgUi" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi" => removed successfully
"HKU\S-1-5-21-2494090995-947898825-4045838511-1003\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B" => removed successfully
"HKU\S-1-5-21-2494090995-947898825-4045838511-1003\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C" => removed successfully
HKLM\System\CurrentControlSet\Control\Lsa\\"Notification Packages"="scecli" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{241DE746-00E5-48F9-9AF1-C988CE3C0D89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{241DE746-00E5-48F9-9AF1-C988CE3C0D89}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3700C63B-5EB8-4B85-A280-FE8B7D257EC9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3700C63B-5EB8-4B85-A280-FE8B7D257EC9}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3755493B-8642-4A68-AF9F-F787ACB752D5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3755493B-8642-4A68-AF9F-F787ACB752D5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3B78CDC3-2C96-46D7-837A-E9C96BC2D4CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B78CDC3-2C96-46D7-837A-E9C96BC2D4CB}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45DC34F0-04C3-4B74-9CD4-5D0C4FC2B5A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45DC34F0-04C3-4B74-9CD4-5D0C4FC2B5A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7571DF58-458F-4222-A0B1-CBE2C1C7A4B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7571DF58-458F-4222-A0B1-CBE2C1C7A4B4}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79D63C81-35B2-46A3-9B77-6770925A1C7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79D63C81-35B2-46A3-9B77-6770925A1C7D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8046BC1F-E1F8-4A48-B9E7-41E45AA2D3AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8046BC1F-E1F8-4A48-B9E7-41E45AA2D3AD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{858A0D97-E482-465D-888D-B999EDC10D68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{858A0D97-E482-465D-888D-B999EDC10D68}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90A3DA29-6DCE-4AB1-BB6B-AA178F8A06DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90A3DA29-6DCE-4AB1-BB6B-AA178F8A06DF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94190FDA-B410-4BCE-ACD0-8CB85A6E0F04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94190FDA-B410-4BCE-ACD0-8CB85A6E0F04}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98C88774-C977-4AA0-A1BC-B8A5D201D64C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C88774-C977-4AA0-A1BC-B8A5D201D64C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DFB6922-93F2-4644-B773-F5655BB2A0F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DFB6922-93F2-4644-B773-F5655BB2A0F6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A060F7BD-C8B0-44CF-A9FC-395D00C727E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A060F7BD-C8B0-44CF-A9FC-395D00C727E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A21DA9C6-2ECC-4B36-8A71-60009A9632C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A21DA9C6-2ECC-4B36-8A71-60009A9632C5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A38731AE-0347-4979-AE17-9530C898BE7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A38731AE-0347-4979-AE17-9530C898BE7D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4961E1B-F09D-47E4-9068-F94596A60F53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4961E1B-F09D-47E4-9068-F94596A60F53}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B957A03C-659E-405A-A771-48787F7135E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B957A03C-659E-405A-A771-48787F7135E9}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC44CE4E-8493-4630-9BC3-06BBA86B706F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC44CE4E-8493-4630-9BC3-06BBA86B706F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6DBF053-00DC-4791-9111-7666AF62D189}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6DBF053-00DC-4791-9111-7666AF62D189}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB531407-13FF-442C-B5D6-EC8E8CB7DE1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB531407-13FF-442C-B5D6-EC8E8CB7DE1A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D742D6BF-24AC-40CC-B792-BB9AC755EF65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D742D6BF-24AC-40CC-B792-BB9AC755EF65}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E054FEAA-99C0-4997-9BEB-58B2BD6D5D7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E054FEAA-99C0-4997-9BEB-58B2BD6D5D7E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E332D4E4-D60E-4362-B31B-A17C38E77B27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E332D4E4-D60E-4362-B31B-A17C38E77B27}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51DDEE1E-22B2-4D85-8D06-48ED181D0720}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7FBF0DF-FA7E-4F78-AAA0-E1002B119398}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A46E546-8071-438B-ACB0-C3EA746974E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C286CAD-1205-442D-B0BB-FFF717E716CF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BDC4358-789A-4D3D-8EE7-51636159FF50}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4265F33-FC3D-4288-9D2F-D0CFA046C2D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1647560B-AE52-4A98-B9B5-4099F72BF5A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F291C2B2-3437-490D-BBFC-956C51E065D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5FC54622-E36B-4C3E-88ED-3855D9232B5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AD2B4F6-8713-485C-90C9-9FCDE91A1EFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87C22761-FE5C-4347-ACFE-E2B71B09D3FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{450D4299-B455-4B7F-924E-A738C871E9A4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A419DF9-5A6A-435F-BEF2-DE53CBA4B70F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBEB3DA7-CC67-41E6-99FF-4DD192D70F89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AAC38FC-9084-4CEF-87EF-38E70871593A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B582306-1A03-4580-A736-979B40D46A80}" => removed successfully
C:\Program Files (x86)\AVG => moved successfully

========= DISM /Online /Cleanup-Image /RestoreHealth =========


Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATTENTION

 


#6
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

The fix timed out.  Do you have a good internet connection?  A bad connection can make things take a long time.

 

Let's see if we can run SFC /scannow manually.

 

Search for CMD

 

It will find Command Prompt.  Right click and Run As Admin.

 

Type:  

SFC  /scannow

 (I use two spaces so you can be sure to see where one space goes.)

 

Hit Enter.  Normally takes about 10-15 minutes.

 

When it finishes it will say one of the following:
 
Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
 
If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt 
 
 
Hit Enter.  Then type:
 
notepad %UserProfile%\desktop\junk.txt 
 
Hit Enter. 
 
 Copy the text from notepad and paste it into a reply.
 
 
Now let's see if DISM will run:
 
Type:  
DISM  /Online  /Cleanup-Image  /RestoreHealth
Hit Enter.  Normally this only takes 10-15 minutes but a bad connection or a super slow computer can take much longer.  It will appear to stop for long periods then start moving again.  Be patient.
 
Go ahead with the other instructions.  (process explorer, speccy, etc)
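
For the `findstr /c:"[SR]"` step in post #6, the following Python is an added example (not part of the original thread, and not FRST or Microsoft code) that reduces a pasted junk.txt to the files SFC logged as repaired from the store and the files it logged as unrepairable. The sample lines, file names and component names are constructed; the function names and the mapping from these lines to the three SFC outcomes listed above are assumptions of this example.

```python
import re

# Constructed sample of what findstr /c:"[SR]" extracts from cbs.log.
# File and component names are made up; both path-quoting styles are shown,
# and one repair is logged twice, as SFC often repeats entries.
SAMPLE = r"""
2022-11-04 10:41:07, Info                  CSI    00000006 [SR] Verifying 100 components
2022-11-04 10:41:07, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2022-11-04 10:41:30, Info                  CSI    00000008 [SR] Repairing corrupted file \??\C:\WINDOWS\System32\\example_a.dll from store
2022-11-04 10:41:31, Info                  CSI    00000009 [SR] Repairing corrupted file \??\C:\WINDOWS\System32\\example_a.dll from store
2022-11-04 10:41:40, Info                  CSI    0000000a [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\WINDOWS\System32"\[l:26{13}]"example_b.dat" from store
2022-11-04 10:42:02, Info                  CSI    0000000b [SR] Cannot repair member file [l:13]'example_c.dll' of Example-Component-C, version 10.0.19041.1, arch amd64, nonSxS, pkt {l:8 b:0000000000000000} in the store, hash mismatch
2022-11-04 10:42:03, Info                  CSI    0000000c [SR] Verify complete
"""

# "<timestamp>, <level>   CSI   <hex sequence> [SR] <message>"
LINE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}), \w+\s+CSI\s+[0-9a-fA-F]+ \[SR\] (.*)$"
)
REPAIRED = re.compile(r"^Repairing corrupted file (.+) from store$")
CANNOT = re.compile(
    r"^Cannot repair member file \[[^\]]*\]['\"]([^'\"]+)['\"] of ([^,]+),"
)


def clean_path(raw):
    """Turn the logged NT-style path into an ordinary drive path."""
    path = re.sub(r"\[[^\]]*\]", "", raw)      # drop [l:..] / [ml:..] length tokens
    path = path.replace('"', "")               # older builds quote each path part
    if path.startswith("\\??\\"):              # NT object-manager prefix
        path = path[4:]
    return re.sub(r"\\{2,}", r"\\", path)      # collapse doubled separators


def summarize(text):
    """Return a verdict plus de-duplicated repaired / unrepaired entries."""
    repaired, unrepaired = {}, {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue                           # not an [SR] line: ignore
        ts, msg = m.groups()
        r = REPAIRED.match(msg)
        if r:
            # keep only the first timestamp for each repaired path
            repaired.setdefault(clean_path(r.group(1)), ts)
            continue
        c = CANNOT.match(msg)
        if c:
            name, component = c.group(1), c.group(2).strip()
            unrepaired.setdefault(
                (name, component),
                {"first_seen": ts, "reason": msg.rsplit(", ", 1)[-1]},
            )
    # Assumed mapping to the three results SFC prints on screen.
    if unrepaired:
        verdict = "unrepaired"
    elif repaired:
        verdict = "repaired"
    else:
        verdict = "clean"
    return {"verdict": verdict, "repaired": repaired, "unrepaired": unrepaired}


if __name__ == "__main__":
    report = summarize(SAMPLE)
    print("verdict:", report["verdict"])
    for path, ts in report["repaired"].items():
        print("repaired  ", ts, path)
    for (name, component), info in report["unrepaired"].items():
        print("unrepaired", info["first_seen"], name, component, info["reason"])
```

An "unrepaired" verdict is the case where the DISM /RestoreHealth step from the same post matters, since SFC repairs from the component store and cannot fix a file whose store copy is itself damaged.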


#7
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • 146 posts

Ran the CMD and it stated that it fixed the corrupt files!

 

The computer is now working better!!  Thanks man!

 

Should I still run the DISM?


#8
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • 146 posts

It's still lagging a bit here and there but it is way better......


#9
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Yes, run DISM next then the rest of the programs.  We can speed it up quite a bit.


#10
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • 146 posts

When I ran FRST "Fix It", I was multi-tasking on the computer.  Perhaps that caused it to stop working and perhaps I shouldn't have done that.

 

Should I re-run that as well or just continue forward?



#11
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • 146 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    46.79    60 K    8 K    0            
MsMpEng.exe    18.58    264,216 K    225,064 K    3684            
procexp64.exe    18.82    36,396 K    72,712 K    2316    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    7.57    71,184 K    51,204 K    568    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    2.06    2,400 K    5,244 K    588            
System    2.06    196 K    152 K    4            
Interrupts    < 0.01    0 K    0 K    n/a    Hardware Interrupts and DPCs        
firefox.exe    < 0.01    248,040 K    204,540 K    8276    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
msedge.exe    0.69    131,580 K    166,596 K    3116    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
firefox.exe    1.38    131,280 K    147,016 K    8012    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    < 0.01    6,604 K    15,864 K    480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    1.38    376,020 K    88,232 K    7788    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
explorer.exe    < 0.01    105,984 K    172,672 K    5748    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
BCMWLTRY.EXE    < 0.01    41,540 K    21,840 K    3932    DW WLAN Card Wireless Network Controller    Dell Inc.    (No signature was present in the subject) Dell Inc.
ApMsgFwd.exe    < 0.01    1,640 K    6,720 K    7156    ApMsgFwd    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
svchost.exe        4,852 K    11,580 K    2176    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    < 0.01    7,804 K    18,028 K    644    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
BrotherHelp.exe    < 0.01    2,444 K    11,956 K    7444    Brother Help Application    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrYNSvc.exe        6,400 K    12,340 K    7152    BrYNCSvc    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
WLTRAY.EXE    < 0.01    40,396 K    22,368 K    5192    DW WLAN Card Wireless Network Tray Applet    Dell Inc.    (No signature was present in the subject) Dell Inc.
svchost.exe    < 0.01    8,748 K    13,188 K    1716    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    35,008 K    36,632 K    9652    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
BrStMonW.exe        14,440 K    16,896 K    580    Status Monitor Application    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
Apoint.exe    < 0.01    2,776 K    14,600 K    6948    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
csrss.exe    < 0.01    2,264 K    5,104 K    496            
svchost.exe    < 0.01    3,668 K    20,728 K    5420    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe    0.69    5,484 K    8,992 K    636            
MpCmdRun.exe    < 0.01    2,080 K    892 K    7796    Microsoft Malware Protection Command Line Utility    Microsoft Corporation    (Verified) Microsoft Windows Publisher
msedge.exe        143,540 K    116,868 K    6692    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        24,904 K    43,612 K    2344    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    14,316 K    33,388 K    852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    1,516 K    5,548 K    1104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
msedge.exe        8,748 K    12,324 K    8724    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
firefox.exe    < 0.01    28,324 K    31,156 K    2124    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    < 0.01    53,364 K    53,228 K    2068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
stacsv64.exe    < 0.01    2,224 K    9,316 K    2384    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
msedge.exe    < 0.01    181,128 K    204,372 K    8296    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        8,668 K    17,820 K    1360    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe    < 0.01    21,292 K    46,384 K    7836    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe    < 0.01    10,012 K    15,088 K    6836    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    3,588 K    11,048 K    4276    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe    < 0.01    10,324 K    14,576 K    2976    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,708 K    5,492 K    772    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,708 K    6,724 K    836    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WLTRYSVC.EXE        1,004 K    4,288 K    3572    DW WLAN Card Wireless Network Service    Dell Inc.    (No signature was present in the subject) Dell Inc.
winlogon.exe        2,532 K    9,800 K    716    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,460 K    6,192 K    572            
UserOOBEBroker.exe        2,172 K    9,448 K    6908    User OOBE Broker    Microsoft Corporation    (Verified) Microsoft Windows
TextInputHost.exe        11,200 K    24,876 K    5804        Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        7,608 K    17,668 K    1128    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,152 K    16,372 K    5884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,668 K    15,484 K    972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,196 K    24,680 K    5088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,604 K    8,528 K    5936    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,276 K    22,256 K    944    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,188 K    15,276 K    3576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        29,188 K    33,708 K    4044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,252 K    8,320 K    2108    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,976 K    9,452 K    3648    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,704 K    20,084 K    5156    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        30,588 K    47,876 K    3972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,404 K    6,944 K    1892    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,960 K    14,972 K    6660    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,312 K    5,460 K    2088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,132 K    17,972 K    2744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,460 K    13,832 K    3336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    11,636 K    1580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,012 K    7,108 K    2620    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,880 K    12,656 K    7192    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,836 K    13,644 K    3824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,448 K    8,500 K    2044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,992 K    14,692 K    1548    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    8,220 K    1848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,492 K    8,824 K    7912            
svchost.exe        2,676 K    9,404 K    1624    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,532 K    7,596 K    60    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,044 K    7,508 K    3260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,444 K    14,220 K    3348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,692 K    7,664 K    2528            
svchost.exe        4,716 K    19,448 K    4060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,772 K    6,240 K    3632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,388 K    9,300 K    2456    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,568 K    9,548 K    1184    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,072 K    7,652 K    3516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,340 K    10,896 K    6488            
svchost.exe        3,276 K    16,032 K    6036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,552 K    19,492 K    6008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,764 K    7,756 K    2428            
svchost.exe        2,044 K    7,480 K    1640    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,988 K    26,480 K    4148    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,292 K    17,476 K    2480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,636 K    15,408 K    1260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,692 K    11,204 K    5500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,340 K    5,552 K    2280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,776 K    10,972 K    1596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,888 K    8,988 K    1516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,628 K    13,320 K    2736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,604 K    5,844 K    6516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,844 K    7,276 K    5036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,068 K    8,688 K    4356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,308 K    4,980 K    4260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,616 K    5,740 K    3884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,676 K    6,392 K    3680    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,288 K    5,216 K    3876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,812 K    9,960 K    2808    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,996 K    7,284 K    2364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,936 K    7,616 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,540 K    6,216 K    1928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,720 K    6,552 K    1764    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,792 K    7,044 K    1748    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,648 K    5,900 K    1468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,916 K    7,436 K    1564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    7,772 K    1388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,684 K    7,680 K    1416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,464 K    6,396 K    1304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,480 K    12,632 K    1324    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,428 K    10,084 K    1268    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,132 K    9,348 K    10364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,616 K    10,480 K    7572    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sttray64.exe        6,520 K    13,500 K    6216    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
StartMenuExperienceHost.exe        26,272 K    49,724 K    3188            (Verified) Microsoft Windows
smss.exe        1,104 K    928 K    344            
sihost.exe        6,300 K    26,216 K    5044    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe        13,004 K    19,480 K    10860    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        4,028 K    6,856 K    5260            
SettingSyncHost.exe        9,500 K    6,556 K    4908    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthSystray.exe        1,844 K    9,316 K    2416    Windows Security notification icon    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        4,592 K    15,748 K    4844            
SearchIndexer.exe        34,556 K    39,664 K    5232    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SearchApp.exe    Suspended    159,476 K    119,028 K    10580    Search application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        10,996 K    31,328 K    5688    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        15,300 K    43,544 K    284    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,564 K    15,420 K    10608    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,136 K    9,612 K    5788    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,372 K    16,064 K    6932    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,848 K    26,248 K    5348    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        4,976 K    39,536 K    92            
procexp.exe        4,512 K    12,460 K    9972    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PhoneExperienceHost.exe        68,964 K    72,488 K    10316    PhoneExperienceHost    Microsoft Corporation    (Verified) Microsoft Corporation
OneDrive.exe    < 0.01    25,160 K    39,476 K    2788    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
NisSrv.exe        5,456 K    11,260 K    6332            
msedge.exe        19,584 K    31,064 K    2592    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        21,140 K    43,536 K    10612    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        15,296 K    31,352 K    10708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        102,960 K    84,396 K    2708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        48,732 K    91,120 K    1820    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        20,484 K    37,108 K    10380    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        28,556 K    54,712 K    8912    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        90,100 K    96,048 K    2356    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        2,156 K    6,800 K    7708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
MpCopyAccelerator.exe        2,708 K    6,028 K    9760            
Microsoft.Photos.exe    Suspended    50,180 K    36,216 K    4744            (No signature was present in the subject)
Memory Compression        912 K    85,528 K    2216            
HostStorageService.exe        1,412 K    5,084 K    3060    Host Storage Application    Broadcom Corporation    (Verified) Broadcom Corp
HostControlService.exe        1,996 K    5,740 K    3036    Host Control Application    Broadcom Corporation    (Verified) Broadcom Corp
hidfind.exe        1,268 K    5,520 K    7376    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
GoogleCrashHandler64.exe        1,876 K    1,080 K    792    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,756 K    1,216 K    1736    Google Crash Handler    Google LLC    (Verified) Google LLC
fontdrvhost.exe        5,392 K    8,500 K    828    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,508 K    3,656 K    844    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        80,768 K    59,672 K    6348    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        36,384 K    23,884 K    8256    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        20,160 K    12,664 K    7712    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,980 K    14,996 K    10472    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,924 K    20,032 K    10460    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,920 K    20,036 K    10204    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dllhost.exe        5,060 K    12,432 K    6924    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        3,900 K    12,104 K    2240    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        4,744 K    21,424 K    5168    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,692 K    7,920 K    7436    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
BrCtrlCntr.exe        2,128 K    9,892 K    3936    ControlCenter Main Process    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrCcUxSys.exe        1,896 K    9,368 K    7892    ControlCenter UX System    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
armsvc.exe        1,620 K    5,536 K    3316    Adobe Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.
ApntEx.exe        1,548 K    6,756 K    7408    Alps Pointing-device Driver for Windows NT/2000/XP/Vista    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
AESTSr64.exe        748 K    3,156 K    3832    Andrea filters APO access service (64-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher


 


  • 0

#12
monkeyboyblues

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts

svchost.exe        3,340 K    10,896 K    6488            
svchost.exe        3,276 K    16,032 K    6036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,552 K    19,492 K    6008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,764 K    7,756 K    2428            
svchost.exe        2,044 K    7,480 K    1640    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,988 K    26,480 K    4148    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,292 K    17,476 K    2480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,636 K    15,408 K    1260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,692 K    11,204 K    5500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,340 K    5,552 K    2280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,776 K    10,972 K    1596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,888 K    8,988 K    1516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,628 K    13,320 K    2736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,604 K    5,844 K    6516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,844 K    7,276 K    5036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,068 K    8,688 K    4356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,308 K    4,980 K    4260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,616 K    5,740 K    3884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,676 K    6,392 K    3680    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,288 K    5,216 K    3876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,812 K    9,960 K    2808    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,996 K    7,284 K    2364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,936 K    7,616 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,540 K    6,216 K    1928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,720 K    6,552 K    1764    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,792 K    7,044 K    1748    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,648 K    5,900 K    1468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,916 K    7,436 K    1564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    7,772 K    1388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,684 K    7,680 K    1416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,464 K    6,396 K    1304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,480 K    12,632 K    1324    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,428 K    10,084 K    1268    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,132 K    9,348 K    10364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,616 K    10,480 K    7572    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sttray64.exe        6,520 K    13,500 K    6216    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
StartMenuExperienceHost.exe        26,272 K    49,724 K    3188            (Verified) Microsoft Windows
smss.exe        1,104 K    928 K    344            
sihost.exe        6,300 K    26,216 K    5044    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe        13,004 K    19,480 K    10860    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        4,028 K    6,856 K    5260            
SettingSyncHost.exe        9,500 K    6,556 K    4908    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthSystray.exe        1,844 K    9,316 K    2416    Windows Security notification icon    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        4,592 K    15,748 K    4844            
SearchIndexer.exe        34,556 K    39,664 K    5232    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SearchApp.exe    Suspended    159,476 K    119,028 K    10580    Search application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        10,996 K    31,328 K    5688    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        15,300 K    43,544 K    284    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,564 K    15,420 K    10608    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,136 K    9,612 K    5788    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,372 K    16,064 K    6932    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,848 K    26,248 K    5348    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        4,976 K    39,536 K    92            
procexp.exe        4,512 K    12,460 K    9972    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PhoneExperienceHost.exe        68,964 K    72,488 K    10316    PhoneExperienceHost    Microsoft Corporation    (Verified) Microsoft Corporation
OneDrive.exe    < 0.01    25,160 K    39,476 K    2788    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
NisSrv.exe        5,456 K    11,260 K    6332            
msedge.exe        19,584 K    31,064 K    2592    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        21,140 K    43,536 K    10612    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        15,296 K    31,352 K    10708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        102,960 K    84,396 K    2708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        48,732 K    91,120 K    1820    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        20,484 K    37,108 K    10380    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        28,556 K    54,712 K    8912    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        90,100 K    96,048 K    2356    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        2,156 K    6,800 K    7708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
MpCopyAccelerator.exe        2,708 K    6,028 K    9760            
Microsoft.Photos.exe    Suspended    50,180 K    36,216 K    4744            (No signature was present in the subject)
Memory Compression        912 K    85,528 K    2216            
HostStorageService.exe        1,412 K    5,084 K    3060    Host Storage Application    Broadcom Corporation    (Verified) Broadcom Corp
HostControlService.exe        1,996 K    5,740 K    3036    Host Control Application    Broadcom Corporation    (Verified) Broadcom Corp
hidfind.exe        1,268 K    5,520 K    7376    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
GoogleCrashHandler64.exe        1,876 K    1,080 K    792    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,756 K    1,216 K    1736    Google Crash Handler    Google LLC    (Verified) Google LLC
fontdrvhost.exe        5,392 K    8,500 K    828    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,508 K    3,656 K    844    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        80,768 K    59,672 K    6348    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        36,384 K    23,884 K    8256    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        20,160 K    12,664 K    7712    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,980 K    14,996 K    10472    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,924 K    20,032 K    10460    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,920 K    20,036 K    10204    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dllhost.exe        5,060 K    12,432 K    6924    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        3,900 K    12,104 K    2240    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        4,744 K    21,424 K    5168    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,692 K    7,920 K    7436    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
BrCtrlCntr.exe        2,128 K    9,892 K    3936    ControlCenter Main Process    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrCcUxSys.exe        1,896 K    9,368 K    7892    ControlCenter UX System    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
armsvc.exe        1,620 K    5,536 K    3316    Adobe Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.
ApntEx.exe        1,548 K    6,756 K    7408    Alps Pointing-device Driver for Windows NT/2000/XP/Vista    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
AESTSr64.exe        748 K    3,156 K    3832    Andrea filters APO access service (64-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher


 


  • 0

#13
monkeyboyblues

    Member

  • Topic Starter
  • 146 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    46.79    60 K    8 K    0            
MsMpEng.exe    18.58    264,216 K    225,064 K    3684            
procexp64.exe    18.82    36,396 K    72,712 K    2316    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    7.57    71,184 K    51,204 K    568    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    2.06    2,400 K    5,244 K    588            
System    2.06    196 K    152 K    4            
Interrupts    < 0.01    0 K    0 K    n/a    Hardware Interrupts and DPCs        
firefox.exe    < 0.01    248,040 K    204,540 K    8276    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
msedge.exe    0.69    131,580 K    166,596 K    3116    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
firefox.exe    1.38    131,280 K    147,016 K    8012    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    < 0.01    6,604 K    15,864 K    480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    1.38    376,020 K    88,232 K    7788    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
explorer.exe    < 0.01    105,984 K    172,672 K    5748    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
BCMWLTRY.EXE    < 0.01    41,540 K    21,840 K    3932    DW WLAN Card Wireless Network Controller    Dell Inc.    (No signature was present in the subject) Dell Inc.
ApMsgFwd.exe    < 0.01    1,640 K    6,720 K    7156    ApMsgFwd    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
svchost.exe        4,852 K    11,580 K    2176    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    < 0.01    7,804 K    18,028 K    644    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
BrotherHelp.exe    < 0.01    2,444 K    11,956 K    7444    Brother Help Application    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrYNSvc.exe        6,400 K    12,340 K    7152    BrYNCSvc    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
WLTRAY.EXE    < 0.01    40,396 K    22,368 K    5192    DW WLAN Card Wireless Network Tray Applet    Dell Inc.    (No signature was present in the subject) Dell Inc.
svchost.exe    < 0.01    8,748 K    13,188 K    1716    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    35,008 K    36,632 K    9652    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
BrStMonW.exe        14,440 K    16,896 K    580    Status Monitor Application    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
Apoint.exe    < 0.01    2,776 K    14,600 K    6948    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
csrss.exe    < 0.01    2,264 K    5,104 K    496            
svchost.exe    < 0.01    3,668 K    20,728 K    5420    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe    0.69    5,484 K    8,992 K    636            
MpCmdRun.exe    < 0.01    2,080 K    892 K    7796    Microsoft Malware Protection Command Line Utility    Microsoft Corporation    (Verified) Microsoft Windows Publisher
msedge.exe        143,540 K    116,868 K    6692    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        24,904 K    43,612 K    2344    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    14,316 K    33,388 K    852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    1,516 K    5,548 K    1104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
msedge.exe        8,748 K    12,324 K    8724    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
firefox.exe    < 0.01    28,324 K    31,156 K    2124    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    < 0.01    53,364 K    53,228 K    2068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
stacsv64.exe    < 0.01    2,224 K    9,316 K    2384    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
msedge.exe    < 0.01    181,128 K    204,372 K    8296    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        8,668 K    17,820 K    1360    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe    < 0.01    21,292 K    46,384 K    7836    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe    < 0.01    10,012 K    15,088 K    6836    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    3,588 K    11,048 K    4276    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe    < 0.01    10,324 K    14,576 K    2976    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,708 K    5,492 K    772    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,708 K    6,724 K    836    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WLTRYSVC.EXE        1,004 K    4,288 K    3572    DW WLAN Card Wireless Network Service    Dell Inc.    (No signature was present in the subject) Dell Inc.
winlogon.exe        2,532 K    9,800 K    716    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,460 K    6,192 K    572            
UserOOBEBroker.exe        2,172 K    9,448 K    6908    User OOBE Broker    Microsoft Corporation    (Verified) Microsoft Windows
TextInputHost.exe        11,200 K    24,876 K    5804        Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        7,608 K    17,668 K    1128    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,152 K    16,372 K    5884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,668 K    15,484 K    972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,196 K    24,680 K    5088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,604 K    8,528 K    5936    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,276 K    22,256 K    944    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,188 K    15,276 K    3576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        29,188 K    33,708 K    4044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,252 K    8,320 K    2108    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,976 K    9,452 K    3648    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,704 K    20,084 K    5156    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        30,588 K    47,876 K    3972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,404 K    6,944 K    1892    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,960 K    14,972 K    6660    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,312 K    5,460 K    2088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,132 K    17,972 K    2744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,460 K    13,832 K    3336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    11,636 K    1580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,012 K    7,108 K    2620    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,880 K    12,656 K    7192    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,836 K    13,644 K    3824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,448 K    8,500 K    2044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,992 K    14,692 K    1548    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    8,220 K    1848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,492 K    8,824 K    7912            
svchost.exe        2,676 K    9,404 K    1624    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,532 K    7,596 K    60    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,044 K    7,508 K    3260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,444 K    14,220 K    3348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,692 K    7,664 K    2528            
svchost.exe        4,716 K    19,448 K    4060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,772 K    6,240 K    3632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,388 K    9,300 K    2456    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,568 K    9,548 K    1184    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,072 K    7,652 K    3516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,340 K    10,896 K    6488            
svchost.exe        3,276 K    16,032 K    6036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,552 K    19,492 K    6008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,764 K    7,756 K    2428            
svchost.exe        2,044 K    7,480 K    1640    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,988 K    26,480 K    4148    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,292 K    17,476 K    2480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,636 K    15,408 K    1260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,692 K    11,204 K    5500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,340 K    5,552 K    2280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,776 K    10,972 K    1596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,888 K    8,988 K    1516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,628 K    13,320 K    2736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,604 K    5,844 K    6516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,844 K    7,276 K    5036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,068 K    8,688 K    4356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,308 K    4,980 K    4260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,616 K    5,740 K    3884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,676 K    6,392 K    3680    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,288 K    5,216 K    3876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,812 K    9,960 K    2808    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,996 K    7,284 K    2364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,936 K    7,616 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,540 K    6,216 K    1928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,720 K    6,552 K    1764    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,792 K    7,044 K    1748    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,648 K    5,900 K    1468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,916 K    7,436 K    1564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    7,772 K    1388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,684 K    7,680 K    1416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,464 K    6,396 K    1304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,480 K    12,632 K    1324    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,428 K    10,084 K    1268    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,132 K    9,348 K    10364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,616 K    10,480 K    7572    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sttray64.exe        6,520 K    13,500 K    6216    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
StartMenuExperienceHost.exe        26,272 K    49,724 K    3188            (Verified) Microsoft Windows
smss.exe        1,104 K    928 K    344            
sihost.exe        6,300 K    26,216 K    5044    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe        13,004 K    19,480 K    10860    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        4,028 K    6,856 K    5260            
SettingSyncHost.exe        9,500 K    6,556 K    4908    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthSystray.exe        1,844 K    9,316 K    2416    Windows Security notification icon    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        4,592 K    15,748 K    4844            
SearchIndexer.exe        34,556 K    39,664 K    5232    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SearchApp.exe    Suspended    159,476 K    119,028 K    10580    Search application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        10,996 K    31,328 K    5688    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        15,300 K    43,544 K    284    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,564 K    15,420 K    10608    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,136 K    9,612 K    5788    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,372 K    16,064 K    6932    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,848 K    26,248 K    5348    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        4,976 K    39,536 K    92            
procexp.exe        4,512 K    12,460 K    9972    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PhoneExperienceHost.exe        68,964 K    72,488 K    10316    PhoneExperienceHost    Microsoft Corporation    (Verified) Microsoft Corporation
OneDrive.exe    < 0.01    25,160 K    39,476 K    2788    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
NisSrv.exe        5,456 K    11,260 K    6332            
msedge.exe        19,584 K    31,064 K    2592    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        21,140 K    43,536 K    10612    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        15,296 K    31,352 K    10708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        102,960 K    84,396 K    2708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        48,732 K    91,120 K    1820    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        20,484 K    37,108 K    10380    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        28,556 K    54,712 K    8912    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        90,100 K    96,048 K    2356    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
msedge.exe        2,156 K    6,800 K    7708    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
MpCopyAccelerator.exe        2,708 K    6,028 K    9760            
Microsoft.Photos.exe    Suspended    50,180 K    36,216 K    4744            (No signature was present in the subject)
Memory Compression        912 K    85,528 K    2216            
HostStorageService.exe        1,412 K    5,084 K    3060    Host Storage Application    Broadcom Corporation    (Verified) Broadcom Corp
HostControlService.exe        1,996 K    5,740 K    3036    Host Control Application    Broadcom Corporation    (Verified) Broadcom Corp
hidfind.exe        1,268 K    5,520 K    7376    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
GoogleCrashHandler64.exe        1,876 K    1,080 K    792    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,756 K    1,216 K    1736    Google Crash Handler    Google LLC    (Verified) Google LLC
fontdrvhost.exe        5,392 K    8,500 K    828    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,508 K    3,656 K    844    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        80,768 K    59,672 K    6348    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        36,384 K    23,884 K    8256    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        20,160 K    12,664 K    7712    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,980 K    14,996 K    10472    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,924 K    20,032 K    10460    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        25,920 K    20,036 K    10204    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dllhost.exe        5,060 K    12,432 K    6924    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        3,900 K    12,104 K    2240    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        4,744 K    21,424 K    5168    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,692 K    7,920 K    7436    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
BrCtrlCntr.exe        2,128 K    9,892 K    3936    ControlCenter Main Process    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrCcUxSys.exe        1,896 K    9,368 K    7892    ControlCenter UX System    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
armsvc.exe        1,620 K    5,536 K    3316    Adobe Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.
ApntEx.exe        1,548 K    6,756 K    7408    Alps Pointing-device Driver for Windows NT/2000/XP/Vista    Alps Electric Co., Ltd.    (Verified) Alps Electric Co., LTD.
AESTSr64.exe        748 K    3,156 K    3832    Andrea filters APO access service (64-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher


 



#14
monkeyboyblues


Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                        92 N/A                                         
smss.exe                       344 N/A                                         
csrss.exe                      496 N/A                                         
wininit.exe                    572 N/A                                         
csrss.exe                      588 N/A                                         
services.exe                   636 N/A                                         
lsass.exe                      644 KeyIso, SamSs, VaultSvc                     
winlogon.exe                   716 N/A                                         
fontdrvhost.exe                828 N/A                                         
WUDFHost.exe                   836 N/A                                         
fontdrvhost.exe                844 N/A                                         
svchost.exe                    852 BrokerInfrastructure, DcomLaunch, PlugPlay,
                                   Power, SystemEventsBroker                   
svchost.exe                    972 RpcEptMapper, RpcSs                         
svchost.exe                     60 LSM                                         
dwm.exe                        568 N/A                                         
WUDFHost.exe                   772 N/A                                         
svchost.exe                   1104 CoreMessagingRegistrar                      
svchost.exe                   1184 NcbService                                  
svchost.exe                   1260 Schedule                                    
svchost.exe                   1268 SEMgrSvc                                    
svchost.exe                   1304 DispBrokerDesktopSvc                        
svchost.exe                   1324 ProfSvc                                     
svchost.exe                   1388 CertPropSvc                                 
svchost.exe                   1416 DisplayEnhancementService                   
svchost.exe                   1468 hidserv                                     
svchost.exe                   1548 EventLog                                    
svchost.exe                   1564 SCardSvr                                    
svchost.exe                   1580 TimeBrokerSvc                               
svchost.exe                   1624 UserManager                                 
svchost.exe                   1716 stisvc                                      
svchost.exe                   1748 FontCache                                   
svchost.exe                   1764 nsi                                         
svchost.exe                   1892 Dhcp                                        
svchost.exe                   1848 CscService                                  
svchost.exe                   1928 DeviceAssociationService                    
svchost.exe                   1640 EventSystem                                 
svchost.exe                   2068 SysMain                                     
svchost.exe                   2088 Themes                                      
svchost.exe                   2108 Dnscache                                    
svchost.exe                   2176 NlaSvc                                      
Memory Compression            2216 N/A                                         
dasHost.exe                   2240 N/A                                         
svchost.exe                   2328 SENS                                        
svchost.exe                   2364 AudioEndpointBuilder                        
stacsv64.exe                  2384 STacSV                                      
svchost.exe                   2456 netprofm                                    
svchost.exe                   2620 WinHttpAutoProxySvc                         
svchost.exe                   3348 Audiosrv                                    
svchost.exe                   3516 RmSvc                                       
svchost.exe                   3576 StateRepository                             
svchost.exe                   3632 DusmSvc                                     
svchost.exe                   3648 Wcmsvc                                      
svchost.exe                   3824 BFE, mpssvc                                 
svchost.exe                    480 WlanSvc                                     
svchost.exe                   2736 ShellHWDetection                            
svchost.exe                   2744 Winmgmt                                     
svchost.exe                   2808 iphlpsvc                                    
spoolsv.exe                   2976 Spooler                                     
HostControlService.exe        3036 Credential Vault Host Control Service       
HostStorageService.exe        3060 Credential Vault Host Storage               
svchost.exe                   3260 LanmanWorkstation                           
armsvc.exe                    3316 AdobeARMservice                             
svchost.exe                   3336 CryptSvc                                    
WLTRYSVC.EXE                  3572 wltrysvc                                    
MsMpEng.exe                   3684 WinDefend                                   
AESTSr64.exe                  3832 AESTFilters                                 
svchost.exe                   3876 TrkWks                                      
svchost.exe                   3884 SstpSvc                                     
svchost.exe                   3680 fdPHost                                     
svchost.exe                   3972 DiagTrack                                   
svchost.exe                   4044 DPS                                         
svchost.exe                   4060 WpnService                                  
svchost.exe                   2044 LanmanServer                                
BCMWLTRY.EXE                  3932 N/A                                         
svchost.exe                   4260 WdiServiceHost                              
svchost.exe                   4276 RasMan                                      
svchost.exe                   4356 FDResPub                                    
sihost.exe                    5044 N/A                                         
svchost.exe                   5088 CDPUserSvc_47fe7                            
svchost.exe                   4148 WpnUserService_47fe7                        
taskhostw.exe                 1128 N/A                                         
svchost.exe                   5036 TabletInputService                          
svchost.exe                   5156 TokenBroker                                 
ctfmon.exe                    5168 N/A                                         
explorer.exe                  5748 N/A                                         
svchost.exe                   5884 CDPSvc                                      
svchost.exe                   5420 cbdhsvc_47fe7                               
svchost.exe                   5500 StorSvc                                     
svchost.exe                   2480 OneSyncSvc_47fe7,                           
                                   PimIndexMaintenanceSvc_47fe7,               
                                   UnistoreSvc_47fe7, UserDataSvc_47fe7        
SearchIndexer.exe             5232 WSearch                                     
GoogleCrashHandler.exe        1736 N/A                                         
GoogleCrashHandler64.exe       792 N/A                                         
TextInputHost.exe             5804 N/A                                         
StartMenuExperienceHost.e     3188 N/A                                         
RuntimeBroker.exe             5348 N/A                                         
svchost.exe                    944 UsoSvc                                      
RuntimeBroker.exe              284 N/A                                         
SgrmBroker.exe                5260 SgrmBroker                                  
NisSrv.exe                    6332 WdNisSvc                                    
svchost.exe                   6488 wscsvc                                      
svchost.exe                   6660 LicenseManager                              
SettingSyncHost.exe           4908 N/A                                         
SecurityHealthSystray.exe     2416 N/A                                         
WLTRAY.EXE                    5192 N/A                                         
SecurityHealthService.exe     4844 SecurityHealthService                       
sttray64.exe                  6216 N/A                                         
Apoint.exe                    6948 N/A                                         
OneDrive.exe                  2788 N/A                                         
ApMsgFwd.exe                  7156 N/A                                         
svchost.exe                   1516 Appinfo                                     
hidfind.exe                   7376 N/A                                         
ApntEx.exe                    7408 N/A                                         
conhost.exe                   7436 N/A                                         
svchost.exe                   7572 PcaSvc                                      
BrotherHelp.exe               7444 N/A                                         
BrCtrlCntr.exe                3936 N/A                                         
BrYNSvc.exe                   7152 BrYNSvc                                     
svchost.exe                   7192 lfsvc                                       
BrCcUxSys.exe                 7892 N/A                                         
svchost.exe                   5936 SSDPSRV                                     
RuntimeBroker.exe             6932 N/A                                         
dllhost.exe                   6924 N/A                                         
svchost.exe                   6516 WdiSystemHost                               
msedge.exe                    3116 N/A                                         
msedge.exe                    7708 N/A                                         
msedge.exe                    6692 N/A                                         
msedge.exe                    6836 N/A                                         
msedge.exe                    2344 N/A                                         
msedge.exe                    8724 N/A                                         
firefox.exe                   8276 N/A                                         
firefox.exe                   7788 N/A                                         
firefox.exe                   7712 N/A                                         
firefox.exe                   8256 N/A                                         
firefox.exe                   6348 N/A                                         
firefox.exe                   8012 N/A                                         
UserOOBEBroker.exe            6908 N/A                                         
msedge.exe                    1360 N/A                                         
svchost.exe                   1596 BthAvctpSvc                                 
BrStMonW.exe                   580 N/A                                         
ShellExperienceHost.exe      10860 N/A                                         
RuntimeBroker.exe            10608 N/A                                         
svchost.exe                   2428 WaaSMedicSvc                                
svchost.exe                   6036 InstallService                              
firefox.exe                   9652 N/A                                         
MpCopyAccelerator.exe         9760 N/A                                         
svchost.exe                  10364 DsSvc                                       
firefox.exe                   2124 N/A                                         
firefox.exe                  10472 N/A                                         
firefox.exe                  10460 N/A                                         
PhoneExperienceHost.exe      10316 N/A                                         
RuntimeBroker.exe             5788 N/A                                         
svchost.exe                   2280 lmhosts                                     
SearchApp.exe                10580 N/A                                         
Microsoft.Photos.exe          4744 N/A                                         
RuntimeBroker.exe             5688 N/A                                         
msedge.exe                    1820 N/A                                         
MpCmdRun.exe                  7796 N/A                                         
firefox.exe                   6096 N/A                                         
firefox.exe                   5844 N/A                                         
firefox.exe                   3820 N/A                                         
firefox.exe                   3524 N/A                                         
firefox.exe                   9312 N/A                                         
firefox.exe                   8488 N/A                                         
firefox.exe                  10696 N/A                                         
svchost.exe                  10548 camsvc                                      
firefox.exe                   6540 N/A                                         
firefox.exe                   6060 N/A                                         
firefox.exe                   8504 N/A                                         
firefox.exe                   7356 N/A                                         
firefox.exe                   9820 N/A                                         
audiodg.exe                   6752 N/A                                         
firefox.exe                   7560 N/A                                         
svchost.exe                   9596 AppXSvc                                     
backgroundTaskHost.exe         428 N/A                                         
msedge.exe                    9684 N/A                                         
smartscreen.exe               5576 N/A                                         
cmd.exe                      10596 N/A                                         
conhost.exe                   1000 N/A                                         
firefox.exe                   5376 N/A                                         
backgroundTaskHost.exe        4636 N/A                                         
svchost.exe                   8264 ClipSVC                                     
RuntimeBroker.exe             5400 N/A                                         
tasklist.exe                  7896 N/A                                         
WmiPrvSE.exe                  7720 N/A                                         

 



#15
monkeyboyblues


Speccy file attached...







