When I turned off my computer last night, everything was fine. Today, the screen is tinted blue and the computer is running much more slowly than normal. I have tried several fixes to no avail (check to make sure night light is not on, check for updated drivers).
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05-2023
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (20-05-2023 11:32:23)
Running from C:\Users\jhauk\Desktop\FRST64.exe
Loaded Profiles: jhauk
Platform: Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe <6>
(C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(C:\Users\jhauk\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\jhauk\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\jhauk\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxCUIService.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_12301.1401.8.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe [1237696 2020-12-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Amazon Music Helper] => C:\Users\jhauk\AppData\Local\Amazon Music\Amazon Music Helper.exe [2361288 2022-06-06] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Amazon Music] => C:\Users\jhauk\AppData\Local\Amazon Music\Amazon Music.exe [21368776 2022-06-06] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\jhauk\AppData\Local\WebEx\WebexHost.exe [8045664 2023-05-10] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [MicrosoftEdgeAutoLaunch_C3B4745A586F470C4B29567DA633CD3C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152256 2023-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-02] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [529408 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [959488 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01809A38-6C7B-4607-8427-F70DE2A0A5EC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exeDisplay
Task: {0E93E620-1151-49DF-89C0-0D9AC719D645} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {155C3E5D-0899-4636-B4E4-9C556E2E219A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {17E8DDD8-5EA1-4CAB-B807-3F900DFED355} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C29836D-4150-4C72-A134-BF7A2A93C83A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe/RunOnBattery RebootDialog
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {5A69FBB8-C69A-49D9-A082-97D43B2DA71A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F97EC5D-EDA7-4A3F-AD6B-33804542FF75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exeForcedRebootRetry
Task: {74B6C171-B9DF-492B-B1C9-4E2899D30A94} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {852C9880-83E8-4533-8B9E-420D084BA3C6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe/RunOnAC RebootDialog
Task: {8DEBA668-6629-463E-84B8-5019D86E4222} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4674491-08A6-47BE-BA58-3332619D9FCC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD090A67-FCEE-4915-8E84-FAC4933A7E0C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {ADDE2C7E-0006-4546-938F-6B890BF92244} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe [5067224 2023-05-10] (Microsoft Windows -> Microsoft Corporation)
Task: {CB49F8DA-8115-4736-A6CC-BE1E12E23A4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [964632 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4B6147B-D8A5-4D58-AF10-9BFBD26B64A7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {F837346F-C0BF-4F9C-AF0F-8F717B9AB619} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254
Edge:
=======
DownloadDir: C:\Users\jhauk\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-20]
Edge DownloadDir: Default -> C:\Users\jhauk\Desktop
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-04-30]
Edge Extension: (Edge relevant text changes) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2023-05-20]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF Extension: (Activist – Soft) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2023-03-15]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2023-05-19] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2023-05-16]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-05-15]
FF Extension: (Zoom Scheduler) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2023-04-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2023-05-20]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-20]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Fluff Busting Purity) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2023-05-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-16]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-16]
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-21]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-21]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-21]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-21]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-21]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-21]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-21]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-16]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3834400 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-10-29] (Dell Inc -> )
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9246536 2023-05-19] (Malwarebytes Inc. -> Malwarebytes)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-17] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl280d858d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E3CB67C-37A4-4927-B172-62E8C3F8C22A}\MpKslDrv.sys [212264 2023-05-20] (Microsoft Windows -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:32 - 2023-05-20 11:36 - 000030168 _____ C:\Users\jhauk\Desktop\FRST.txt
2023-05-20 11:32 - 2023-05-20 11:32 - 002382336 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2023-05-20 11:32 - 2023-05-20 11:32 - 000000000 ____D C:\Users\jhauk\Desktop\FRST-OlderVersion
2023-05-20 11:31 - 2023-05-20 11:35 - 000000000 ____D C:\FRST
2023-05-20 08:44 - 2023-05-20 08:44 - 000000000 ____D C:\WINDOWS\Firmware
2023-05-17 14:32 - 2023-05-17 14:32 - 000199469 _____ C:\Users\jhauk\Desktop\MuseScore 3 Shortcuts - Letter.pdf
2023-05-13 07:25 - 2023-05-20 07:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-10 02:57 - 2023-05-10 02:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-10 02:57 - 2023-05-10 02:57 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-10 02:57 - 2023-05-10 02:57 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-10 00:14 - 2023-05-10 00:14 - 000000000 ___HD C:\$WinREAgent
2023-05-02 03:13 - 2023-05-02 03:13 - 011151129 _____ C:\Users\jhauk\Documents\FUNK (2023-05-02).rmgb
2023-05-02 03:13 - 2023-05-02 03:13 - 001159141 _____ C:\Users\jhauk\Documents\aukerman20190730 (2023-05-02).rmgb
2023-05-01 07:37 - 2023-05-20 11:21 - 000000000 ____D C:\Users\jhauk\AppData\Local\Malwarebytes
2023-05-01 00:26 - 2023-05-01 00:26 - 011151053 _____ C:\Users\jhauk\Documents\FUNK (2023-05-01).rmgb
2023-05-01 00:26 - 2023-05-01 00:26 - 001158353 _____ C:\Users\jhauk\Documents\aukerman20190730 (2023-05-01).rmgb
2023-04-30 01:57 - 2023-04-30 01:57 - 011151054 _____ C:\Users\jhauk\Documents\FUNK (2023-04-30).rmgb
2023-04-25 02:20 - 2023-04-25 02:20 - 011150142 _____ C:\Users\jhauk\Documents\FUNK (2023-04-25).rmgb
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-05-20 11:36 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2023-05-20 11:30 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-20 11:26 - 2019-03-18 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-20 11:25 - 2023-02-18 17:35 - 000852164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-20 11:25 - 2022-05-07 01:22 - 000000000 ____D C:\WINDOWS\INF
2023-05-20 11:23 - 2022-02-09 23:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-20 11:22 - 2019-03-18 09:23 - 000000000 ___SD C:\Users\jhauk\AppData\Roaming\Microsoft\Credentials
2023-05-20 11:21 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-20 11:21 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-20 11:18 - 2023-02-18 18:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-20 11:18 - 2023-02-18 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-20 11:18 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2023-05-20 11:18 - 2020-08-05 02:33 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-20 09:37 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-20 09:11 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\registration
2023-05-20 09:04 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-20 09:02 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-20 08:45 - 2022-05-07 01:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-20 07:56 - 2023-01-25 07:38 - 000000000 ____D C:\Users\jhauk\AppData\Local\WebEx
2023-05-20 07:12 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-20 02:06 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2023-05-20 02:06 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2023-05-20 02:05 - 2019-04-03 00:54 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Excel
2023-05-19 18:27 - 2019-03-18 12:25 - 000000000 ____D C:\Users\jhauk\AppData\Local\D3DSCache
2023-05-19 17:52 - 2022-05-10 17:14 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-19 01:24 - 2019-04-03 00:42 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Word
2023-05-19 00:24 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-05-19 00:13 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-17 13:46 - 2023-02-18 18:00 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-17 13:46 - 2023-02-18 18:00 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-17 00:29 - 2019-03-18 09:30 - 000000000 ____D C:\ProgramData\Packages
2023-05-14 07:24 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-13 15:29 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-12 19:58 - 2023-02-18 18:00 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 19:58 - 2023-02-18 18:00 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-12 09:18 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2023-05-12 03:30 - 2019-03-18 10:23 - 000000000 ____D C:\Users\jhauk\Desktop\Brenda
2023-05-10 08:37 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2023-05-10 08:37 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2023-05-10 04:12 - 2021-08-16 14:32 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\IGDump
2023-05-10 03:32 - 2023-02-18 17:28 - 000542744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\UUS
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 03:28 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-10 03:27 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-10 02:40 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-10 02:37 - 2019-03-19 06:00 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-10 00:35 - 2023-02-18 17:33 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-04 03:53 - 2019-04-02 23:10 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Office
2023-05-04 00:10 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 07:26 - 2021-01-22 07:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-03 00:11 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-02 15:45 - 2021-02-03 14:32 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-05-02 03:13 - 2019-07-30 07:16 - 004664320 _____ C:\Users\jhauk\Documents\aukerman20190730.rmgc
2023-05-02 03:13 - 2019-04-08 06:46 - 041019392 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2023-04-26 01:13 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2023-04-22 09:59 - 2021-10-07 09:41 - 000000000 ____D C:\Users\jhauk\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05-2023
Ran by jhauk (20-05-2023 11:39:35)
Running from C:\Users\jhauk\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) (2023-02-18 22:01:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Amazon Amazon Music) (Version: 9.1.0.2339 - Amazon.com Services LLC)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.02 - Canon Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ActiveTouchMeetingClient) (Version: 43.1.0 - Cisco Webex LLC)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Update for Windows Universal (HKLM\...\{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}) (Version: 4.7.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.3.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM\...\{148D6ED8-24B8-443D-9C5B-5D6BF506671B}) (Version: 10.1.17903.8106 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® LMS (HKLM\...\{C6577DC3-0C37-48BF-817B-54941E2A9D5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{8A47F310-D3B6-4894-AE24-5E997B13999B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{D80FDFD4-0702-4950-A949-CC2AE3B36F23}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{434309ED-354E-460C-B241-0803232C7CC9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{6B487AA5-94E3-4B20-A1AF-2FA0CEA5BD13}) (Version: 17.5.9.1040 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.54.161 - Logitech)
Malwarebytes version 4.5.28.266 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.28.266 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{92418797-A53F-4B3E-A56A-F8B739B6F1FF}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B12E6B2E-1E47-4D58-A45E-AA92A5F8F8FD}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Movavi Video Editor Plus 2022 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Video Editor Plus 2022) (Version: 22.1.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 113.0.1 (x64 en-US)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.5 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 10.40 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows 11 Installation Assistant (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Youtube Downloader HD v. 4.4.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.1.5.0_x64__kgqvnymyfvs32 [2023-04-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2521.1.0_x64__kgqvnymyfvs32 [2023-05-17] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2023-04-21] (Canon Inc.)
Corel PaintShop Pro -> C:\Program Files\WindowsApps\CorelCorporation.PaintShopPro_25.1.32.0_x64__wbjqpk9xt50t4 [2022-12-03] (Corel Corporation)
Cut Video App -> C:\Program Files\WindowsApps\AnywaySoftInc.CutVideoApp_1.2.6.0_x64__0qkrc2qacwvfm [2023-04-21] (AnywaySoft, Inc.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.4.0_x64__htrsf667h5kn2 [2023-02-18] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Express Burn CD and DVD Burner Free -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_11.0.9.0_x86__7kedsbyvzns34 [2023-05-20] (NCH Software)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-11-13] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa [2023-03-30] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2023-04-21] (OverDrive Inc.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.280.40.0_x64__p3e1zgp7z7szg [2023-05-20] (Yellow Elephant Productions)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2021-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2021-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2303.28003.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corp.)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.8301.0_x64__8wekyb3d8bbwe [2023-05-18] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.96.61291.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation) [Startup Task]
ms-resource:AppName -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2023-04-21] (Microsoft Corporation)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-13] (INTEL CORP) [Startup Task]
MuseScore 3 -> C:\Program Files\WindowsApps\64051MuseScoreBVBA.MuseScoreNotationSoftware_3.3.4.0_x64__pz631wrhsw9tj [2022-09-06] (MuseScore BVBA)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2 [2023-02-23] (Dell Inc)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.25.0_x64__nfy108tqq3p12 [2023-05-20] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2023-04-21] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-12] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.575.424.0_x86__55nm5eh3cm0pr [2023-05-20] (ROBLOX Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.244.115.0_x64__p3e1zgp7z7szg [2023-05-20] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.32.122.0_x64__8she8kybcnzg4 [2023-05-20] (Slack Technologies Inc.) [Startup Task]
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_13.0.7.0_x86__7kedsbyvzns34 [2023-05-20] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2023-05-20] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2023-05-20] (Waves Audio)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2023-05-20] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2023-04-21] (邻动(北京)技术有限公司)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-05-02] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2021-06-27 16:45 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2021-06-27 16:45 - 2017-06-27 10:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2021-06-27 16:45 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2021-06-27 16:45 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2019-02-25 15:15 - 2019-02-25 15:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-07-12 06:56 - 2021-07-12 06:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jhauk\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\2022 09 30 (1).jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C3B4745A586F470C4B29567DA633CD3C"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C969EE14-DF4D-4FA1-B141-DD46589DE147}] => (Allow) LPort=34000
FirewallRules: [{219FADE3-AB6A-4BAF-8B7E-0A25FDD611A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Singing Monsters\MySingingMonsters.exe () [File not signed]
FirewallRules: [{57DA26D0-DFCD-4BA7-81CC-12FC7C00F7EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Singing Monsters\MySingingMonsters.exe () [File not signed]
FirewallRules: [{5BB1E956-7286-4823-ADC7-D7385777E5A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E7740F51-85DE-46F0-89E0-69FA4D4CE253}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A38BC89D-160E-4E61-B9B9-29402C038CE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A0FA5F6-58A4-4B03-97B2-B932FDF2539F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0EB6AD0E-517D-4501-B57A-D1F3C781128D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A17E8691-8314-4A4C-B51E-E8862B5E60BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF44B2B3-CF16-4D4B-AD98-044D5988633E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F77443A-2BBF-4DF0-B3F2-7713C3AF592F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C8BDF5C-688F-44CC-97D4-5D424F8C21C5}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (0D24FC62-2DEF-4425-A3E6-06E53F20567C -> OpenShot Studios, LLC)
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (0D24FC62-2DEF-4425-A3E6-06E53F20567C -> OpenShot Studios, LLC)
FirewallRules: [{036C20CF-D6E6-4B34-B413-9459073ED26F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{EFAE7FA9-91D4-4DA9-B435-B080634A4E28}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E9FAE067-76E3-48EB-BAA1-F793EE97358A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{5F8ECEAA-2F19-4852-BE8A-234E5BF4B38D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B1E32851-EFA0-4E94-993E-E736E18DC987}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{63C1163D-E83C-4884-B059-DA0E299301BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CFC873EF-34F1-4A38-BE1A-55D7FD15236D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CAFEC075-2022-48FF-8F61-EC65FAA306BE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{444788A5-3F8E-42E2-9B06-BC8B0B04F3E0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{31E36CBC-F082-4A6E-AA96-8B1F96886863}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3B96BF6A-F490-4600-801C-94732C5651F4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12128.2.57059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1E4F745B-2AA1-47F7-94B1-607B25D96ABD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C17EE267-ABC9-4BD4-8EBC-E4765CD9F3BB}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.32.122.0_x64__8she8kybcnzg4\app\Slack.exe (B25A2379-D5D0-455B-826A-BFFC7EBB5713 -> Slack Technologies Inc.)
FirewallRules: [{D646B9C2-F0AD-48AE-97A9-9FD8276B8ADF}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.32.122.0_x64__8she8kybcnzg4\app\Slack.exe (B25A2379-D5D0-455B-826A-BFFC7EBB5713 -> Slack Technologies Inc.)
FirewallRules: [{036113C5-30A1-4C83-9FBC-38C6F570D644}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8085AA49-7113-4B24-9461-8ACD55CEF674}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42F8C093-0F1D-4C17-8841-D76AA7C4F6EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1D66582E-CF1B-4F1C-AAA8-C833A2BF926E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-05-2023 09:00:33 Windows Modules Installer
20-05-2023 09:06:56 Restore Operation
==================== Faulty Device Manager Devices ============
Name: Dell Data Vault Control Device
Description: Dell Data Vault Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Technologies
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/20/2023 11:27:30 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (05/20/2023 11:27:22 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: pcdrsysinfosoftware.p5x, version: 6.0.7303.327, time stamp: 0x60e3eb9d
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x3d44
Faulting application start time: 0x0x1d98b2f831eb646
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfosoftware.p5x
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 75d6cf4e-c8f7-4783-b226-24ed5e4c9ae8
Faulting package full name:
Faulting package-relative application ID:
Error: (05/20/2023 11:20:24 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Windows Modules Installer).
Error: (05/20/2023 09:09:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (05/20/2023 09:09:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (05/20/2023 09:09:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (05/20/2023 09:09:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (05/20/2023 09:09:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
System errors:
=============
Error: (05/20/2023 11:30:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/20/2023 11:30:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/20/2023 11:26:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6JBP3L9)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (05/20/2023 11:23:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.
Error: (05/20/2023 11:14:08 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: dddriver64Dcsa.sys
Error: (05/20/2023 08:58:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/20/2023 08:58:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/20/2023 08:56:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6JBP3L9)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2023-05-20 02:07:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-05-18 02:09:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-05-17 00:28:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-05-16 01:49:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-05-15 02:32:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2023-04-12 08:41:44
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.740.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2023-05-20 11:22:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.21.0 12/03/2021
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 30%
Total physical RAM: 24390.97 MB
Available physical RAM: 17030.66 MB
Total Virtual: 25926.97 MB
Available Virtual: 17983.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:543.19 GB) (Model: ST1000DM010-2EP102) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:516.03 GB) (Model: ST1000DM010-2EP102) FAT32
\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.27 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)
Partition: GPT.
==================== End of Addition.txt =======================