Defender found a virus. See attached. What are the ramifications of this virus? Should I quarantine or remove?
Some sites have been slower the last few weeks in Firefox and Edge.
In Firefox only, sometimes I get just the top bar of the page with the various tabs. Sometimes the page is blank. I have to press F5 to see the whole page. Sometimes I have to press F5 several times before the page displays. Sometimes I get Secure Connection Failed. Example: after logging into https://www.discover.com/. I prefer Firefox because I made a bunch of security setting changes years ago - things like not saving passwords.
Edge consistently displays the pages, it’s just slow.
I have cleared cache and cookies in both browsers.
3/25/23 Update: Yesterday I used the Defender option to delete the virus. I now have a problem with the Windows search box at the bottom left of the screen and the search box in File Explorer. In both cases, I start typing, it doesn't find anything, and it deletes what I typed. I don't know what's going on with my internet browsers because I am concerned about security. I unplugged the ethernet cable.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2023
Ran by wayne (administrator) on DESKTOP-3BLPTLN (Dell Inc. XPS 8930) (23-03-2023 09:57:59)
Running from C:\Users\wayne\Desktop
Loaded Profiles: wayne
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe ->) (Intel® RMT -> Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTLyncHelper.LycnConsole.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Users\wayne\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\wayne\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(Carbonite, Inc.) [File not signed] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\wayne\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Carbonite, Inc.) [File not signed] C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a34e85e556ccdec6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a34e85e556ccdec6\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_46afe571f647787a\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel® RMT -> Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(services.exe ->) (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_490aa6d1fd969a51\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (CYBERLINK CORPORATION.) C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp\Power2Go11\CLMLSvc_P2G11.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [9806848 2023-02-06] (Carbonite, Inc.) [File not signed]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.44\Installer\setup.exe [3982272 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [747320 2023-03-20] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\wayne\AppData\Local\WebEx\WebexHost.exe [8040032 2023-03-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\Run: [MicrosoftEdgeAutoLaunch_926EEA5733A432E098C3CBE889747BD1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\wayne\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\wayne\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\RunOnce: [Uninstall 23.038.0219.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wayne\AppData\Local\Microsoft\OneDrive\23.038.0219.0001" (No File)
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.66\Installer\chrmstp.exe [2023-03-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {065663E3-6971-4742-BC1C-1272414065E0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0919D627-5316-4DC5-BB5D-DABB002371C1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {09D24C84-6139-44BD-A4D3-59E69579B8B9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F2F0846-DF16-409C-BBB9-B159CD245031} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-01-29] (Google Inc -> Google Inc.)
Task: {10FDE740-0CDD-40BD-9194-6699E2E2CFD6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "faa3005b-e1a9-45b6-81f1-3d42dec4aebf" --version "6.10.10347" --silent
Task: {1133A6C0-C2E6-4D98-9373-FEFD3FFC5E8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17F9E454-6091-489B-8B1D-C38EA32F2AE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C01744C-389F-4175-B857-48469762C4DD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1EBAC4D6-50D0-45CB-99AB-F5521206027B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24B304E8-727B-4595-BA57-3C6AA047BD00} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B722E99-AEAC-4F9D-B255-73719F4962ED} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-03-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {324E99CC-3A1A-413B-9EA6-FB7B141B2A90} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3575D778-6A5C-44CD-B4D1-51E6874C085B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {437D9614-4A9E-48D0-8869-86F7BDA0FC75} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {537CEDC7-F069-4351-93AB-40CF64B68097} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {614F987F-2222-4D3E-A4DA-A27B71D5AA75} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FA8AC56-C2FE-47EE-97C3-BEFDD379D8AB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78363BB4-8073-472A-85FC-1C3A4EACEA98} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1922 more characters).
Task: {791145AD-68CB-414F-B430-55E4C4B7B3A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-01-29] (Google Inc -> Google Inc.)
Task: {7DF2968F-D41E-444F-B4FB-6043409EF50A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C9230FE-9BEC-41A2-A367-5872FA2061C8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-03-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {919CECEB-7170-4478-9934-431D1AC181B8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2023-01-31] (Dell Inc -> Dell Inc.)
Task: {A026800D-147D-47E8-A2B6-65D3F17FA9CA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A486B1B2-8006-4F73-BB56-F29906D02573} - System32\Tasks\CCleanerSkipUAC - wayne => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A4CB11C0-B93D-4DB4-B927-963779053F51} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B30415FB-0BCB-4674-AF68-AFB062E9789A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BD4CCB20-7E26-4855-8275-841CB8DF88E0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E8CBC0E7-4236-4ECE-A28C-2DBF7FD7FDC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB9C4D4A-F14B-4958-9B85-9B6E74275626} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4b66e3fa-9d30-4e4a-9794-2c25cdd44655}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\wayne\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\wayne\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-23]
Edge DownloadDir: Default -> C:\Users\wayne\Downloads
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
FireFox:
========
FF DefaultProfile: we737lv3.default
FF ProfilePath: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\we737lv3.default [2020-01-29]
FF ProfilePath: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\fifkm0du.default-release [2023-03-23]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\fifkm0du.default-release\Extensions\[email protected] [2022-08-22]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2020-02-18] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default [2022-01-29]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-29]
CHR Extension: (Docs) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-29]
CHR Extension: (Google Drive) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-13]
CHR Extension: (YouTube) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-29]
CHR Extension: (Endpoint Verification) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\callobklhcbilhphinckomhgkigmfocg [2022-01-27]
CHR Extension: (Sheets) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-29]
CHR Extension: (Google Docs Offline) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-27]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-01-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-14]
CHR Extension: (Gmail) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-13]
CHR Profile: C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-10]
CHR Profile: C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-08]
CHR HomePage: Profile 1 -> hxxp://www.google.com
CHR Extension: (Endpoint Verification) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\callobklhcbilhphinckomhgkigmfocg [2023-02-08]
CHR Extension: (Affixa - Gmail Draft Display) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ceimgagkkofjoalgojpkdcmhmbljbbaa [2022-01-27]
CHR Extension: (Google Docs Offline) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-08]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wayne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-27]
CHR Profile: C:\Users\wayne\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [8992256 2023-02-06] (Carbonite, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-11-07] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-01-17] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 IntuitUpdateServiceV4; C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [19840 2022-08-24] (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
R2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [183424 2017-08-08] (Intel® RMT -> Intel Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [86200 2022-11-29] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2489016 2022-11-29] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2988248 2022-11-29] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [86232 2022-11-29] (Intel Corporation -> Intel® Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2022-01-24] (Qualcomm Atheros, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-01-31] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_490aa6d1fd969a51\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_490aa6d1fd969a51\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CLFCL5.14; C:\WINDOWS\system32\DRIVERS\CLFCL5.14\000.fcl [46848 2017-07-19] (CyberLink Corp. -> CyberLink Corp.)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [215088 2022-11-29] (Intel Corporation -> Rivet Networks, LLC.)
R3 MpKsla4a46dfa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F540545A-022D-485D-9106-DCE531F25CBB}\MpKslDrv.sys [211208 2023-03-23] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [971160 2019-07-21] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [1581464 2019-07-21] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-23 09:57 - 2023-03-23 09:58 - 000036575 _____ C:\Users\wayne\Desktop\FRST.txt
2023-03-23 09:57 - 2023-03-23 09:58 - 000000000 ____D C:\FRST
2023-03-23 09:57 - 2023-03-23 09:57 - 002378752 _____ (Farbar) C:\Users\wayne\Desktop\FRST64.exe
2023-03-23 09:57 - 2023-03-23 09:57 - 000000000 ____D C:\Users\wayne\Desktop\FRST-OlderVersion
2023-03-21 04:56 - 2023-03-21 04:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-21 04:56 - 2023-03-21 04:56 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-21 04:56 - 2023-03-21 04:56 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-20 20:35 - 2023-03-20 20:35 - 012213734 _____ C:\Users\wayne\Downloads\love potion #9.mp4
2023-03-19 08:34 - 2023-03-19 08:34 - 000273901 _____ C:\Users\wayne\Downloads\wireless MyBill_03.15.2023.pdf
2023-03-18 08:52 - 2023-03-18 08:52 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3409315567-1698705800-1941238463-1001
2023-03-18 08:52 - 2023-03-18 08:52 - 000002385 _____ C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-17 09:31 - 2023-03-17 09:31 - 000083675 ____R C:\Users\wayne\Downloads\Tax_Forms.pdf
2023-03-16 14:00 - 2023-03-16 14:00 - 000829952 _____ C:\Users\wayne\Documents\Bykota membership card Mar 2023.pdf
2023-03-15 05:51 - 2023-03-15 05:51 - 000236806 ____R C:\Users\wayne\Downloads\paper-bill-4.pdf
2023-03-15 02:18 - 2023-03-15 02:18 - 000000000 ___HD C:\$WinREAgent
2023-03-13 13:42 - 2023-03-13 13:42 - 000433023 _____ C:\Users\wayne\Downloads\Kenmore Vacuum sales receipt.pdf
2023-03-13 13:39 - 2023-03-13 13:39 - 000099157 _____ C:\Users\wayne\Downloads\Vacuum Replacement Form v2 filled out v2.pdf
2023-03-13 13:32 - 2023-03-13 13:32 - 000058029 _____ C:\Users\wayne\Downloads\Vacuum Replacement Form v2 filled out.pdf
2023-03-13 13:18 - 2023-03-13 13:18 - 000052317 ____R C:\Users\wayne\Downloads\Vacuum Replacement Form v2.pdf
2023-03-09 10:55 - 2023-03-09 10:55 - 000182627 ____R C:\Users\wayne\Downloads\Kern Letter-2.pdf
2023-03-09 10:50 - 2023-03-09 10:50 - 000208472 _____ C:\Users\wayne\Documents\Warren Kern Dad life insurance page 2.pdf
2023-03-09 00:50 - 2023-03-09 00:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-03-08 19:08 - 2023-03-08 19:08 - 000172560 ____R C:\Users\wayne\Downloads\GTCC Agenda 3-8-23-2.pdf
2023-03-08 19:04 - 2023-03-08 19:04 - 000172560 ____R C:\Users\wayne\Downloads\GTCC Agenda 3-8-23-1.pdf
2023-03-08 15:46 - 2023-03-08 15:46 - 000172560 ____R C:\Users\wayne\Downloads\GTCC Agenda 3-8-23.pdf
2023-03-07 15:26 - 2023-03-07 15:26 - 000122670 ____R C:\Users\wayne\Downloads\Preliminary_Estimate.pdf
2023-03-07 08:20 - 2023-03-07 08:20 - 000000867 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-03-07 08:20 - 2023-03-07 08:20 - 000000855 _____ C:\Users\Public\Desktop\Audacity.lnk
2023-03-04 11:54 - 2023-03-04 11:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-03-02 14:44 - 2023-03-02 14:45 - 000000000 ____D C:\Users\wayne\Documents\Mom care
2023-03-01 16:40 - 2023-03-01 16:40 - 000106933 ____R C:\Users\wayne\Downloads\16734657220947440194279229451230-1.pdf
2023-03-01 15:44 - 2023-03-09 12:46 - 000000000 ____D C:\Users\wayne\Documents\Virgin Pulse Preventive Health Activity Forms
2023-03-01 13:33 - 2023-03-01 13:33 - 000316223 ____R C:\Users\wayne\Downloads\FR1018G_fillable-1.pdf
2023-03-01 13:33 - 2023-03-01 13:33 - 000182627 ____R C:\Users\wayne\Downloads\Kern Letter-1.pdf
2023-02-28 14:32 - 2023-02-28 14:32 - 000002137 _____ C:\Users\Public\Desktop\Carbonite.lnk
2023-02-28 14:32 - 2023-02-28 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2023-02-28 07:12 - 2023-02-28 07:12 - 000001501 _____ C:\Users\Public\Desktop\Foxit PDF Reader.lnk
2023-02-28 07:12 - 2023-02-28 07:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2023-02-27 18:19 - 2023-02-27 18:19 - 001534511 _____ C:\Users\wayne\Documents\Vanguard POA Full Agent Authorization.pdf
2023-02-27 18:18 - 2023-02-27 18:18 - 001534511 ____R C:\Users\wayne\Downloads\Full Agent Authorization.pdf
2023-02-27 17:20 - 2023-02-27 17:20 - 000329503 _____ C:\Users\wayne\Documents\Warren Kern Dad life insurance.pdf
2023-02-27 16:55 - 2023-02-27 16:55 - 000182627 ____R C:\Users\wayne\Downloads\Kern Letter.pdf
2023-02-27 16:54 - 2023-02-27 16:54 - 000316223 ____R C:\Users\wayne\Downloads\FR1018G_fillable.pdf
2023-02-25 13:15 - 2023-02-25 13:15 - 000150742 _____ C:\Users\wayne\Documents\water bill 022523 payment receipt.pdf
2023-02-24 09:52 - 2023-02-24 09:52 - 006477689 _____ C:\Users\wayne\Downloads\BillImage (1).pdf
2023-02-21 16:30 - 2023-02-21 16:30 - 000181045 _____ C:\Users\wayne\Documents\G&L Manual.pdf
2023-02-21 16:29 - 2023-02-21 16:29 - 000181045 ____R C:\Users\wayne\Downloads\glmanual.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-23 09:58 - 2020-02-18 17:40 - 000000000 ____D C:\Users\wayne\Documents\Outlook Files
2023-03-23 09:55 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-23 09:48 - 2020-11-11 07:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-23 09:47 - 2020-08-19 14:25 - 000000000 ____D C:\Users\wayne\AppData\Local\WebEx
2023-03-23 09:32 - 2020-01-29 21:03 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-23 09:28 - 2022-02-08 06:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-23 09:27 - 2020-01-29 20:55 - 000000000 ____D C:\Users\wayne\AppData\LocalLow\Mozilla
2023-03-23 04:57 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-23 04:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-23 04:56 - 2020-02-15 13:27 - 000000000 ____D C:\Program Files\CCleaner
2023-03-23 03:39 - 2020-11-11 07:39 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C0754281-BB32-453E-A69E-79A43F797B0D}
2023-03-22 21:49 - 2020-01-21 23:25 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2023-03-22 20:28 - 2020-11-11 07:39 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-22 20:28 - 2020-11-11 07:39 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-22 16:34 - 2020-01-29 21:03 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-22 16:34 - 2020-01-29 21:03 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-22 12:39 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-22 12:25 - 2020-01-21 23:25 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-22 04:04 - 2020-06-18 16:38 - 000000000 ____D C:\Users\wayne\Documents\Old stuff
2023-03-22 03:47 - 2021-10-05 05:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-22 03:47 - 2020-02-15 15:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-22 03:47 - 2020-01-29 20:55 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-22 03:47 - 2020-01-29 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-21 04:56 - 2020-02-15 13:27 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-03-20 10:19 - 2022-01-25 05:53 - 000000000 ____D C:\Users\wayne\Documents\Mom legal documents
2023-03-19 21:20 - 2020-02-18 17:40 - 000000000 ____D C:\Users\wayne\Documents\DOV
2023-03-19 16:21 - 2021-03-03 18:39 - 000012533 _____ C:\Users\wayne\Documents\Mom rent payments.xlsx
2023-03-19 05:09 - 2020-02-18 17:43 - 000000000 ____D C:\Users\wayne\Documents\recipes
2023-03-19 01:28 - 2020-05-21 23:28 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-19 01:28 - 2020-05-21 23:28 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-18 08:52 - 2021-12-13 09:50 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3409315567-1698705800-1941238463-1001
2023-03-17 20:06 - 2021-12-29 12:11 - 000000000 ____D C:\Users\wayne\Documents\Mom financial
2023-03-17 04:36 - 2020-01-28 18:06 - 000000000 __SHD C:\Users\wayne\IntelGraphicsProfiles
2023-03-16 21:36 - 2020-11-11 07:44 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-16 21:32 - 2021-12-23 03:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-16 21:32 - 2021-04-24 21:29 - 000451192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-16 21:32 - 2020-11-11 07:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-16 21:32 - 2020-11-11 07:35 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-16 21:32 - 2020-01-21 23:22 - 000000000 ____D C:\Intel
2023-03-16 21:30 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-16 21:30 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-16 21:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-16 21:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-16 21:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-16 21:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-16 21:30 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-03-16 14:27 - 2020-02-18 17:40 - 000000000 ___RD C:\Users\wayne\Documents\Nursing Home gigs
2023-03-15 10:13 - 2020-02-22 18:51 - 000000000 ____D C:\Users\wayne\Documents\Turbo Tax backup
2023-03-15 10:13 - 2020-02-15 12:26 - 000000000 ____D C:\Users\wayne\Documents\TurboTax
2023-03-15 02:32 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-15 02:27 - 2020-11-11 07:36 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-15 02:17 - 2020-01-29 21:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-15 02:12 - 2020-01-29 21:04 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-14 11:56 - 2020-02-18 17:40 - 000000000 ___RD C:\Users\wayne\Documents\Mood Swings
2023-03-14 10:17 - 2020-02-18 17:44 - 000020331 _____ C:\Users\wayne\Documents\Movies.xlsx
2023-03-14 10:14 - 2020-02-18 17:43 - 000000000 ____D C:\Users\wayne\Documents\Taxes
2023-03-12 20:44 - 2020-02-18 17:40 - 000000000 ____D C:\Users\wayne\Documents\Financial
2023-03-09 10:25 - 2020-02-18 17:44 - 000013424 _____ C:\Users\wayne\Documents\concert tickets.xlsx
2023-03-09 00:52 - 2022-06-07 13:33 - 000000000 ____D C:\Users\wayne\AppData\Roaming\DropboxElectron
2023-03-09 00:52 - 2020-02-15 12:55 - 000000000 ____D C:\Users\wayne\AppData\Local\Dropbox
2023-03-09 00:50 - 2020-02-15 12:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-03-07 08:20 - 2021-08-02 06:14 - 000000000 ____D C:\Program Files\Audacity
2023-03-06 18:31 - 2020-01-28 18:06 - 000000000 ____D C:\Users\wayne\AppData\Local\Packages
2023-03-05 08:08 - 2020-01-29 22:29 - 000000000 ____D C:\Users\wayne\AppData\Local\ElevatedDiagnostics
2023-03-04 22:13 - 2020-02-18 17:44 - 000007704 _____ C:\Users\wayne\Documents\Buy stuff.txt
2023-03-04 11:49 - 2020-02-18 17:44 - 000010324 _____ C:\Users\wayne\Documents\Magazine log.xlsx
2023-03-01 13:25 - 2020-02-18 18:07 - 000000841 _____ C:\WINDOWS\Brpfx04a.ini
2023-03-01 05:31 - 2020-02-15 12:55 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-03-01 05:31 - 2020-02-15 12:55 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-03-01 02:43 - 2020-11-11 07:39 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-03-01 02:43 - 2020-11-11 07:39 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-02-28 14:32 - 2020-11-11 07:39 - 000008538 _____ C:\WINDOWS\system32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2023-02-28 14:32 - 2020-02-15 12:56 - 000000000 ____D C:\Users\wayne\AppData\Local\CrashDumps
2023-02-24 16:24 - 2020-02-18 17:40 - 000000000 ___RD C:\Users\wayne\Documents\Erie insurance payments
2023-02-24 10:45 - 2022-11-27 05:20 - 000000000 ___RD C:\Users\wayne\Documents\Credit reports
2023-02-24 09:46 - 2023-02-19 08:04 - 000000000 ____D C:\Users\wayne\Documents\Legal documents
2023-02-22 02:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-22 02:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-22 02:09 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-21 05:34 - 2020-02-18 15:43 - 000000000 ____D C:\Program Files\Microsoft Office 15
==================== Files in the root of some directories ========
2020-01-29 20:46 - 2020-01-29 20:46 - 000000171 _____ () C:\Users\wayne\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2020-01-29 20:46 - 2020-01-29 20:46 - 000000304 _____ () C:\Users\wayne\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2020-02-18 12:58 - 2020-02-18 12:58 - 000000171 _____ () C:\Users\wayne\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-01-29 20:46 - 2020-01-29 20:46 - 000000175 _____ () C:\Users\wayne\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2021-05-31 13:30 - 2021-05-31 13:30 - 000003584 _____ () C:\Users\wayne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-03-2023
Ran by wayne (23-03-2023 09:59:31)
Running from C:\Users\wayne\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) (2020-11-11 11:39:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3409315567-1698705800-1941238463-500 - Administrator - Disabled) => C:\Users\Administrator.DESKTOP-3BLPTLN
DefaultAccount (S-1-5-21-3409315567-1698705800-1941238463-503 - Limited - Disabled)
Guest (S-1-5-21-3409315567-1698705800-1941238463-501 - Limited - Disabled)
wayne (S-1-5-21-3409315567-1698705800-1941238463-1001 - Administrator - Enabled) => C:\Users\wayne
WDAGUtilityAccount (S-1-5-21-3409315567-1698705800-1941238463-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 8.2.3 - Atomi Systems, Inc.)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - )
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
Audacity 3.2.5 (64-bit) (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.12.0.4 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.12.0.3 - Canon Inc.)
Carbonite (HKLM-x32\...\{32C96C56-33BC-4BB1-8793-3F1E0AFF26FD}) (Version: 6.4.6 build 27 (Feb-06-2023) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 6.10 - Piriform)
CD Wave Editor version 1.72 (HKLM-x32\...\CD Wave_is1) (Version: 1.72 - )
Cisco Webex Meetings (HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\ActiveTouchMeetingClient) (Version: 42.4.1 - Cisco Webex LLC)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{CF95CED4-3A1E-4486-B7FA-428C25D617ED}) (Version: 5.0.64.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell OS Recovery Tool (HKLM-x32\...\{1A236038-C023-4397-87EB-10127699BD10}) (Version: 2.3.6094.0 - Dell) Hidden
Dell OS Recovery Tool (HKLM-x32\...\{f50dbbb3-b883-4f60-b5bf-6f221599f767}) (Version: 2.3.6094 - Dell Inc.)
Dell SupportAssist (HKLM\...\{82B84211-71FD-4AB7-87D1-68568646860F}) (Version: 3.13.2.14 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{DC9B5977-7B0A-4A86-A55E-72488C990E6E}) (Version: 5.5.5.16458 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{6b7b873a-87ed-446e-96e4-74aa2bc926bb}) (Version: 5.5.5.16458 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{E5C8AC27-6F8A-4D9C-A239-8673A6CA9570}) (Version: 4.7.1 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 169.4.5684 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
DVDFab (x64) 11.0.7.4 (18/02/2020) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.7.4 - DVDFab Software Inc.)
DVDFab 10.0.7.8 (16/01/2018) (HKLM-x32\...\DVDFab 10) (Version: 10.0.7.8 - Fengtao Software Inc.)
DVDFab 11.0.7.4 (18/02/2020) (HKLM-x32\...\DVDFab 11) (Version: 11.0.7.4 - DVDFab Software Inc.)
DVDFab 12 (29/12/2020) (HKLM-x32\...\DVDFab 12) (Version: 12.0.1.5 - DVDFab Software Inc.)
DVDFab 12 (x64) (26/05/2021) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.0.3.1 - DVDFab Software Inc.)
DVDFab 8.0.8.0 Beta (12/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.1.15289 - Foxit Software Inc.)
GlanceGuest version 4.17.1.19 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.17.1.19 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.66 - Google LLC)
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
Intel® Chipset Device Software (HKLM\...\{00C43022-CFDA-4942-9D3F-04199C91C939}) (Version: 10.1.18121.8164 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1A9FE6B4-801A-4AF0-AEDB-EA49BD80C9F2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2205.15.0.2623 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{B7F27296-F1AE-46BB-8BD7-5E0EED0EA1AC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{9EB5F95A-335A-414D-BECE-BA2CE114A856}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Ready Mode Technology (HKLM\...\{DBF0CA69-EADE-4CE0-8C09-D200FE80BCDC}) (Version: 1.1.70.534 - Intel Corporation)
Intel® Serial IO (HKLM\...\{75000D29-0D43-467B-84AC-12EB33DA1F14}) (Version: 30.100.1943.2 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{5f9b06c7-aa5d-482b-a7e6-5355a325f465}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{2D645390-CC15-4330-94C5-A6BE37B267F8}) (Version: 33.22.1182 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{D9007C95-A9B6-41FD-B6DF-B97DFFC4BE84}) (Version: 2.3.1513 - Rivet Networks)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM-x32\...\{67950e91-8f8f-4d75-9252-7cca68ccdacc}) (Version: 6.0.9.31619 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5529.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3409315567-1698705800-1941238463-500\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{6ACED991-1E65-4D16-8F6A-1AA1A0B97596}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{7465FCB9-1918-4438-9337-47BAF1902684}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020 (HKLM\...\{C5ECDB9A-D9B0-3107-BA85-1269998A5B3E}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020 (HKLM\...\{221D6DB4-46E2-333C-B09B-5F49351D0980}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 111.0.1 (x64 en-US)) (Version: 111.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 109.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 526.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.98 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5529.1000 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10531 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (HKLM-x32\...\{89EC099E-958D-462E-972C-385591946978}) (Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (HKLM-x32\...\{F014B696-28C5-4554-802F-A15380418F53}) (Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (HKLM-x32\...\{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}) (Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wmdiper (HKLM-x32\...\{ABBE458D-C10D-4B36-8C95-92DE9D196B1B}) (Version: 012.000.1471 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (HKLM-x32\...\{E83F5F27-43F3-4163-ABE5-F68C989286ED}) (Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (HKLM-x32\...\{0A7DD94B-B746-4FB0-8688-8598C22793A0}) (Version: 013.000.2289 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (HKLM-x32\...\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}) (Version: 013.000.0522 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (HKLM-x32\...\{358C44FD-6943-4CDD-B947-7F7C4ADC8A8F}) (Version: 013.000.0170 - Intuit Inc.) Hidden
TurboTax 2013 wmdiper (HKLM-x32\...\{57642511-A663-44B7-9EEE-5BCEC1A44A8A}) (Version: 013.000.1478 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (HKLM-x32\...\{606EB5EB-AADF-4E21-B715-1CAD291181D6}) (Version: 013.000.0135 - Intuit Inc.) Hidden
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2015 WinPerFedFormset (HKLM-x32\...\{08D0C864-211B-4095-8C3E-2D2CAB64CDA9}) (Version: 015.000.2677 - Intuit Inc.) Hidden
TurboTax 2015 WinPerFuegoContent (HKLM-x32\...\{B48A745E-B79A-417F-8775-421EF44C92D1}) (Version: 015.000.0429 - Intuit Inc.) Hidden
TurboTax 2015 WinPerReleaseEngine (HKLM-x32\...\{B0119415-6743-4707-AB4D-1928F5E81FDD}) (Version: 015.000.0572 - Intuit Inc.) Hidden
TurboTax 2015 WinPerTaxSupport (HKLM-x32\...\{BDC1955D-38D6-4747-8B0A-B2B7CFEA1E7D}) (Version: 015.000.0182 - Intuit Inc.) Hidden
TurboTax 2015 wmdiper (HKLM-x32\...\{AC70EF5F-0046-48FD-9AD9-87C711CEB994}) (Version: 015.000.1673 - Intuit Inc.) Hidden
TurboTax 2015 wrapper (HKLM-x32\...\{6FF818ED-865F-4C55-A073-DD6C9CE7B6A8}) (Version: 015.000.0126 - Intuit Inc.) Hidden
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2016 WinPerFedFormset (HKLM-x32\...\{1D28A880-201A-42DD-891C-875860B17631}) (Version: 016.000.3461 - Intuit Inc.) Hidden
TurboTax 2016 WinPerReleaseEngine (HKLM-x32\...\{FD003E07-4E56-4CFC-9106-B7AAB234398E}) (Version: 016.000.0620 - Intuit Inc.) Hidden
TurboTax 2016 WinPerTaxSupport (HKLM-x32\...\{4DF70C79-FF25-4836-AEFB-899ECF4C6A30}) (Version: 016.000.0183 - Intuit Inc.) Hidden
TurboTax 2016 wmdiper (HKLM-x32\...\{DEA53540-72A1-4511-8508-D0F28B993ACC}) (Version: 016.000.1785 - Intuit Inc.) Hidden
TurboTax 2016 wrapper (HKLM-x32\...\{B6E9FEF8-5EA1-448B-9423-6683F48D5978}) (Version: 016.000.0220 - Intuit Inc.) Hidden
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
TurboTax 2017 WinPerFedFormset (HKLM-x32\...\{EBB7DFDE-A910-4678-8A9F-757B2C8A8158}) (Version: 017.000.3979 - Intuit Inc.) Hidden
TurboTax 2017 WinPerReleaseEngine (HKLM-x32\...\{859EAFFC-3640-430C-B4E2-0E6F75AF6CA9}) (Version: 017.000.0781 - Intuit Inc.) Hidden
TurboTax 2017 WinPerTaxSupport (HKLM-x32\...\{71A541CA-896C-463A-A396-DCFBA148AC48}) (Version: 017.000.0134 - Intuit Inc.) Hidden
TurboTax 2017 wmdiper (HKLM-x32\...\{DA5D74D7-B321-4863-B5B7-52B7EA8FE766}) (Version: 017.000.1828 - Intuit Inc.) Hidden
TurboTax 2017 wrapper (HKLM-x32\...\{7EEF100B-8223-4951-99C5-FEC4CEAB763E}) (Version: 017.000.0126 - Intuit Inc.) Hidden
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
TurboTax 2018 WinPerFedFormset (HKLM-x32\...\{4F5D754A-4CF7-489E-9FC7-DCF124A9C13B}) (Version: 018.000.3420 - Intuit Inc.) Hidden
TurboTax 2018 WinPerReleaseEngine (HKLM-x32\...\{3B81DEB0-2307-4542-A370-47D7B15B4EE5}) (Version: 018.000.0674 - Intuit Inc.) Hidden
TurboTax 2018 WinPerTaxSupport (HKLM-x32\...\{E9FCBA33-DB82-4992-A4FE-3A2D4C974DD7}) (Version: 018.000.0130 - Intuit Inc.) Hidden
TurboTax 2018 wmdiper (HKLM-x32\...\{29519E5A-DA64-4162-ABF6-DA2211E5EC66}) (Version: 018.000.1477 - Intuit Inc.) Hidden
TurboTax 2018 wrapper (HKLM-x32\...\{B29215FE-D5C4-4C2D-BDA1-11EBF3638653}) (Version: 018.000.0109 - Intuit Inc.) Hidden
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
TurboTax 2019 WinPerFedFormset (HKLM-x32\...\{E06C08B0-B8A7-4D16-AC3D-A9B215B4DF33}) (Version: 019.000.3008 - Intuit Inc.) Hidden
TurboTax 2019 WinPerReleaseEngine (HKLM-x32\...\{3B2774BA-9EAF-4AC6-8E06-98EA76831746}) (Version: 019.000.0809 - Intuit Inc.) Hidden
TurboTax 2019 WinPerTaxSupport (HKLM-x32\...\{7A9F6F61-D188-4851-A4B5-1766EB5295C9}) (Version: 019.000.0115 - Intuit Inc.) Hidden
TurboTax 2019 wmdiper (HKLM-x32\...\{EB84136F-C21D-43B7-BAB4-D62D911DCFE7}) (Version: 019.000.1832 - Intuit Inc.) Hidden
TurboTax 2019 wrapper (HKLM-x32\...\{DF0DB405-2E2C-4DFE-A6E7-342E7900F594}) (Version: 019.000.0127 - Intuit Inc.) Hidden
TurboTax 2020 (HKLM-x32\...\TurboTax 2020) (Version: 2020.0 - Intuit, Inc)
TurboTax 2020 WinPerReleaseMsi (HKLM-x32\...\{52E6AD69-FBE7-42C0-9F5B-CD282EB7FD76}) (Version: 020.000.1918 - Intuit Inc.) Hidden
TurboTax 2020 wmdiper (HKLM-x32\...\{D0974894-7971-4976-ADF5-E60D4BDDE35E}) (Version: 020.000.1120 - Intuit Inc.) Hidden
TurboTax 2022 (HKLM-x32\...\{E02EC8E6-200F-4BF9-AF32-572FEA31F457}) (Version: 022.000.0471 - Intuit Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VIDBOX VCDE Driver (HKLM-x32\...\VIDBOX VCDE Driver) (Version: 5.2019.0614.0 - VIDBOX Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
wmdiperStateIS (HKLM-x32\...\{2063D5C5-34CD-441E-90A2-C73844721B68}) (Version: 022.000.0107 - Intuit Inc.) Hidden
Zoom (HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.)
Packages:
=========
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2023-03-23] (Dell Inc)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2022-11-21] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2022-12-05] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.7.0_x64__htrsf667h5kn2 [2023-03-16] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.7.5.0_x86__htrsf667h5kn2 [2022-11-28] (Dell Inc)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt [2023-03-09] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-03-06] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-15] (Apple Inc.) [Startup Task]
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1322.1109.0_x64__rh07ty8m5nkag [2023-02-04] (Rivet Networks LLC) [Startup Task]
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-01-21] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3005.0_x64__8wekyb3d8bbwe [2023-03-18] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2 [2023-02-22] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-09] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-19] (Microsoft Corporation)
Power Media Player BD for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerBDforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-12] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-01-21] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2020-01-29] (CYBERLINK CORPORATION.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-23] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\wayne\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\wayne\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\wayne\Dropbox [2020-02-15 12:59]
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2023-02-06] (Carbonite, Inc.) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_490aa6d1fd969a51\nvshext.dll [2023-01-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 12 (x64)\DVDFab 12 Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab12&v=12.0.3.
Shortcut: C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 12\DVDFab 12 Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab12&v=12.0.1.
Shortcut: C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.7.
Shortcut: C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.7.
Shortcut: C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&v=10.0.7.
ShortcutWithArgument: C:\Users\wayne\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
==================== Loaded Modules (Whitelisted) =============
2020-02-18 18:00 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-02-18 18:00 - 2012-09-06 22:02 - 000978944 ____N () [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2020-02-18 18:00 - 2008-08-18 19:27 - 000122880 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll
2020-02-18 18:00 - 2012-04-23 16:03 - 000380928 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2020-02-18 18:00 - 2012-09-06 22:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2020-02-18 18:00 - 2012-07-06 14:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2020-02-18 18:00 - 2012-09-06 22:02 - 000131072 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcFcnv.dll
2020-02-18 18:00 - 2012-07-06 14:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2020-02-18 18:00 - 2012-07-17 14:36 - 000090112 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2020-02-18 18:00 - 2012-09-06 22:02 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcSmon.dll
2020-02-18 18:00 - 2012-09-14 09:53 - 000241664 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImageConversion.dll
2020-02-18 18:00 - 2012-09-14 09:53 - 000098304 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgPdf.dll
2020-02-18 18:00 - 2012-09-14 09:53 - 000118784 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\brTPGSplash.dll
2023-02-06 11:46 - 2023-02-06 11:46 - 002637824 ____R (Carbonite, Inc.) [File not signed] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
2023-02-06 11:37 - 2023-02-06 11:37 - 002634240 ____R (Carbonite, Inc.) [File not signed] C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll
2022-07-19 04:28 - 2022-07-15 10:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-11-11 07:30 - 2020-11-11 07:30 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-11-07 13:53 - 2022-11-07 13:53 - 001548800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\SQLite.Interop.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001 -> DefaultScope {567FB402-7351-428E-B932-86AAF28B5D92} URL =
SearchScopes: HKU\S-1-5-21-3409315567-1698705800-1941238463-1001 -> {567FB402-7351-428E-B932-86AAF28B5D92} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2022-02-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2020-02-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wayne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3409315567-1698705800-1941238463-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\Wallpaper_Pirelli_FINAL.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: Dell Digital Delivery Services => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PPort12reminder"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3409315567-1698705800-1941238463-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{ABAFCEF4-D5B8-4841-91FD-594836AAA911}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C27BA65C-082A-4648-B746-6760978DB627}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{716465BB-737A-424F-B360-620A7BA977E5}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 11\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{4499AC90-EB78-4C7C-80B9-E52C4DF2932C}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 11\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{CAFE1EFD-292A-42F5-A63E-70266F60573E}] => (Allow) C:\Users\wayne\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C022A039-75A4-44F0-AF22-073FD38D4964}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D49E3C1-130C-450A-AE93-3C30AECB6CA2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C851C40-79B4-419B-87CC-AFB7A8F9E1CE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5903190A-ACF9-443B-BCE0-07B32E3EE021}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C4111EF-79F3-416F-A612-69F84821B889}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{445DA287-03F7-4E7D-8768-511EF6E7C9BA}] => (Block) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{AD838F69-5FB8-4E9E-BE13-C1418F0DD9B5}] => (Block) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{E9AAFBC5-36F5-47CE-BA72-32DEE359BEAF}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{9CDE440C-303F-491C-AFC8-97519384F3EE}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{D4637D4B-64C8-42C7-924D-4CAC8EDB60A4}] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{F28EFF21-74B5-48FB-A9C3-C25926E802D2}] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [UDP Query User{01887366-C234-4D08-A874-07B9513DB42C}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [TCP Query User{757C81CE-1816-4F5A-9245-529B4774E715}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{B285C607-00F3-486C-895C-DB58BC360FF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87078510-5B1C-49B9-BF17-8125E7E0C0E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED376061-DEB0-4728-8D93-E3B898441100}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D6F3CE99-A92D-4DDA-A387-F21269C164F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A4BB1AB-B878-4DFE-8C16-61C8414418D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{32E13F20-F0FE-4625-8D31-714617459C32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FE05F2C-7449-4994-B274-885F776CD6F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5E4DC7AB-537A-4B4E-8175-7579743BAEF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0870EC10-C374-4F06-9EB9-8255EB8871C4}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{232FCB41-F5A6-4E03-A34C-DB6A2A671E15}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [TCP Query User{5F187C4D-F84F-419C-99C5-68DA8F141B29}C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{1924F58E-9E41-4100-8355-33FC0D6DF428}C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{3C6C69C4-A28F-4ABD-998C-E5E0D534667C}] => (Block) C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{15A31A6E-1EC2-4391-A603-09DB71B5647B}] => (Block) C:\program files (x86)\dvdfab\dvdfab 12\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{E95E5238-DC96-45BD-96F5-0D385009F5E5}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{939D2799-E40A-4112-A47A-EB85059374AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{99CFE9AC-63C1-4B52-85AA-DFD712D08442}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{B598E91F-7F2F-4BE7-8916-FAE965B9D6AA}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{36FD7BEE-C20B-4A5F-96B9-3E73D5ED2821}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{420886DB-30BD-4CC0-A94B-0C3BBF9D7B13}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{02182B30-0842-437C-A3E5-56932DCFD7BB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4871460-B4AB-4D8F-AF16-21AED44C799E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EDEE9F9-5D78-42FD-A431-E32BD8B7DFAA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{05E40FE8-E05E-444B-929E-C5CE6851959E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9366718C-A5FB-4E92-B134-7B4C03E64BF6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{437BCAAC-2E29-455D-AD26-5E8A6DE43270}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DEFBC45-9AE8-4865-88C8-B1EA4B72E402}] => (Allow) C:\Program Files (x86)\TurboTax\Individual 2022\32bit\CefSharp.BrowserSubprocess.exe (INTUIT INC. -> The CefSharp Authors)
FirewallRules: [{6B80D256-AFDA-43B4-81F2-8507F122809D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A1C153A2-46F0-4687-B628-1412619411D8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{455CCD8D-FDBC-4C88-B18C-8A20AA7781E4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{4B6EC10E-7AD1-4F9D-BCAB-2CDCB8C5F780}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{A6D6CDF9-A7BF-48B7-B851-28FA7A7249BE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{CDF11AB7-0DA0-4FA4-AAEA-BB8AA454F304}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{FAB73622-99B6-4E2B-A75D-A1C2CDBBEFBC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{0584E855-449D-4029-B649-9AC56568A870}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A71650E-33AD-4637-BBC6-B04AC89F038C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BB77CD3-3CC7-449C-97DD-9124C9D3C1BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F58431D5-5006-42F0-B7E7-52DF0EE23C9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FE72531-805C-4E94-B6A8-56CFC5C44A2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3563C0E-5C63-4285-81FD-CCD3B512BF33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
23-03-2023 09:48:16 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/23/2023 09:18:40 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/23/2023 09:05:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/23/2023 03:04:42 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/23/2023 02:41:09 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/22/2023 08:39:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/22/2023 08:29:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/22/2023 02:28:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
Error: (03/22/2023 02:16:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f342c4f9-6528-429e-abbd-3e74c951723e}
System errors:
=============
Error: (03/23/2023 07:07:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (03/21/2023 10:17:24 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (03/21/2023 12:07:23 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume20'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Error: (03/21/2023 12:07:23 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume20'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Error: (03/21/2023 12:07:23 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume19'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Error: (03/17/2023 02:56:32 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (03/16/2023 09:32:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Intel® TPM Provisioning Service service to connect.
Error: (03/13/2023 11:56:24 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume21'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Windows Defender:
================
Date: 2023-03-22 20:08:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-21 18:31:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-20 18:32:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-19 18:38:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-03-18 19:32:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-02-04 05:30:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a34e85e556ccdec6\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.1.24 07/08/2022
Motherboard: Dell Inc. 0T2HR0
Processor: Intel® Core i7-9700 CPU @ 3.00GHz
Percentage of memory in use: 93%
Total physical RAM: 7997.3 MB
Available physical RAM: 524.11 MB
Total Virtual: 18237.3 MB
Available Virtual: 5073.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:935.75 GB) (Free:536.9 GB) (Model: PM981a NVMe Samsung 1024GB) NTFS
Drive f: (HP v125w) (Removable) (Total:3.72 GB) (Free:0.96 GB) FAT32
\\?\Volume{40ffad9e-bd22-4251-a8c5-3a46cd3935d3}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.54 GB) NTFS
\\?\Volume{2a0da642-e616-4454-b1aa-3b3ae047c2a2}\ (Image) (Fixed) (Total:14.96 GB) (Free:0.13 GB) NTFS
\\?\Volume{15f465d2-2544-4665-ac5d-56fba0ce1f79}\ (DELLSUPPORT) (Fixed) (Total:1.42 GB) (Free:0.6 GB) NTFS
\\?\Volume{0219a2a5-c34f-4ab6-848a-b021b5b7ae45}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 7D48CA73)
Partition: GPT.
==========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 0CA921CF)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=FAT32)
==================== End of Addition.txt =======================
Edited by wayneman50, 25 March 2023 - 12:14 PM.