This topic is locked
A scammer accessed a relative's computer. They installed remote software, so we wanted to make sure that everything was cleared off. Can you please let me know if you see anything questionable on this computer?
Thank you so much for your help!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2023
Ran by dabooker4 (administrator) on DESKTOP-3L139AI (HP HP Pavilion x360 Convertible 14m-dh0xxx) (26-06-2023 12:08:23)
Running from C:\Users\dabooker4\Pictures\slide\Desktop\FRST64.exe
Loaded Profiles: dabooker4
Platform: Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\IDriveWindows\id_tray.exe ->) (IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_win.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxEM.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5bf497d20ce7fee9\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5bf497d20ce7fee9\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\BridgeCommunication.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.20.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(explorer.exe ->) (ELAN Microelectronics Corporation -> ELAN) [File not signed] C:\Program Files\ELAN\EzTiltPen\EzTiltPenAgent.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5bf497d20ce7fee9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\SysInfoCap.exe
(services.exe ->) (IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_667c6615c75bd143\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel® Audio Service\IntelAudioService.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6\HPQuickDrop.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EzTiltPenSrvc] => C:\Program Files\ELAN\EzTiltPen\EzTiltPenAgent.exe [238280 2019-04-22] (ELAN Microelectronics Corporation -> ELAN) [File not signed]
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-06-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [81920 2023-05-12] (IDrive, Inc. -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [2000896 2023-05-12] (IDrive, Inc. -> Prosoftnet)
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536624 2023-05-09] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\Run: [MicrosoftEdgeAutoLaunch_D80B4CE3DB3B27F45C5F2DA322C38C31] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat DC\Esl\Aiod.dll [2022-12-23] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07525571-8B3F-4407-AC24-372B2979D42F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {173110AA-1DCB-441A-BEE2-FB81DF06942B} - \Driver Support One Agent -> No File <==== ATTENTION
Task: {180DEDD1-CE9D-4DFC-A634-6FBE912D05F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E5E3ED6-0E68-414B-AC20-AF4E73A5A7F2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2663D654-3C87-467D-AD84-B2218AC3BBD5} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {2E8B14F8-4E5B-406D-89DA-7B7ABDED5219} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {334741FD-CBD1-44DB-BFE6-5F30658067DC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {3AC072B2-362E-4BB4-8A45-A58430A41865} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {4CCA54CB-7BF8-4FC5-B9D0-876B583C2EEC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F166140-958F-4B2F-A226-3D9C53FD3C4A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {5171256F-36A3-433B-AF6A-66498BBD066A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B911297-277C-4AB5-8316-34791A429ECD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {6AFA00E5-0207-400E-876D-26D26CE4CA10} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {6EBED38D-247E-449B-8E3A-8A22FB196EEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [228888 2023-05-30] (HP Inc. -> HP Inc.)
Task: {73BFBDD5-C345-4ED7-80C3-2CF544D22697} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {7C0CF6D9-6C1B-4D71-A7FE-326F7A34E3BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D643195-90AC-44F8-96DE-1126C1D31EB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-05-30] (HP Inc. -> HP Inc.)
Task: {90FD5D00-65C0-4BF3-8276-88ECDFC4E848} - System32\Tasks\CCleanerSkipUAC - dabooker4 => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9E6AF0C4-F2BA-417C-8B24-2624C3DCE145} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AC4FC1E0-8CEF-4912-9652-4083C716C380} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {B7609486-0043-480E-B20D-1487E7F97C3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1135128 2023-05-30] (HP Inc. -> HP Inc.)
Task: {CA24878D-5309-4DDA-A3BE-15356B93859A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "de70188d-9890-4f6f-aab6-ef36fdb23a80" --version "6.13.10517" --silent
Task: {CBE11770-3E71-4600-8C0C-B28A4F74761E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D34825AC-1F8F-4444-A6A3-F1753B06C6A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1135128 2023-05-30] (HP Inc. -> HP Inc.)
Task: {D4B89C1E-FAD4-4E21-9D32-1C40ACC603FC} - System32\Tasks\HPPSDrTelemetryWatch => C:\Program Files (x86)\HP\Diagnostics\TelemetryWatch\PSDrTelemetryWatch.exe [37840 2023-04-11] (HP Inc. -> )
Task: {D71DA98A-6773-41D0-9E75-50E78D3FCDEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCEE28E5-0916-42D1-8250-74666B50F5CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE8A9746-6953-4F43-8E03-9A3BE05207A9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DED3EABF-FA58-4BDC-B55E-3B766091AA24} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F33CBE76-DB17-4CD7-A8C9-91E35B6342D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH95SDW2JS => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1135128 2023-05-30] (HP Inc. -> HP Inc.)
Task: {F9335DB5-438D-4B07-BB20-6BD224D66C97} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FD9D80B9-1814-4C15-8747-E79073C8C6BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-05-30] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9295c88b-cfb6-4e4e-b61a-4426489ba046}: [DhcpNameServer] 172.168.0.5
Tcpip\..\Interfaces\{9a961408-fdb2-4fc5-8b52-029899861853}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-26]
Edge Extension: (Edge relevant text changes) - C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-11]
Edge Extension: (Zotero Connector) - C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmhdhpibnnopknkmonacoephklnflpho [2023-06-15]
Edge Profile: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-06-26]
FireFox:
========
FF DefaultProfile: tx3osxac.default
FF DefaultProfile: 3x8j7wy8.default
FF ProfilePath: C:\Users\dabooker4\AppData\Roaming\Zotero\Zotero\Profiles\tx3osxac.default [2023-03-15]
FF ProfilePath: C:\Users\dabooker4\AppData\Roaming\Mozilla\Firefox\Profiles\3x8j7wy8.default [2023-03-15]
FF ProfilePath: C:\Users\dabooker4\AppData\Roaming\Mozilla\Firefox\Profiles\u9qoz8yu.default-release [2023-06-26]
FF Extension: (Add-ons Restricted Domains) - C:\Users\dabooker4\AppData\Roaming\Mozilla\Firefox\Profiles\u9qoz8yu.default-release\features\{e3a32af1-9648-4654-8b48-608260649326}\[email protected] [2023-06-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-155803508-2790422629-3313700799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774392 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-06-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\AppHelperCap.exe [860048 2023-05-22] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\DiagsCap.exe [858520 2023-05-22] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\NetworkCap.exe [855488 2023-05-22] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-06-15] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_22baab3e5a0042a4\x64\SysInfoCap.exe [859024 2023-05-22] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5bf497d20ce7fee9\x64\TouchpointAnalyticsClientService.exe [496208 2023-03-16] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [421888 2023-05-12] (IDrive, Inc. -> Prosoftnet)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-06-26] (Malwarebytes Inc. -> Malwarebytes)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20667704 2023-06-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R1 JitDriver; C:\WINDOWS\system32\drivers\JitDriver.sys [48160 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233216 2023-06-26] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-06-26] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 12:05 - 2023-06-26 12:08 - 000000000 ____D C:\FRST
2023-06-26 04:11 - 2023-06-26 04:11 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-06-26 01:15 - 2023-06-26 01:15 - 000233216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-06-26 01:15 - 2023-06-26 01:15 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-06-26 00:02 - 2023-06-26 01:16 - 000000000 ____D C:\Users\dabooker4\AppData\Local\Malwarebytes
2023-06-26 00:02 - 2023-06-26 00:02 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-06-26 00:02 - 2023-06-26 00:02 - 000000000 ____D C:\Users\dabooker4\AppData\Local\mbam
2023-06-26 00:00 - 2023-06-26 00:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-06-26 00:00 - 2023-06-26 00:00 - 000000000 ____D C:\Program Files\Malwarebytes
2023-06-21 14:03 - 2023-06-21 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-06-21 14:02 - 2023-06-21 14:02 - 017906464 _____ (Remote Utilities Pty (Cy) Ltd.) C:\Users\dabooker4\Downloads\agent-7.1.7.0(1).exe
2023-06-21 14:02 - 2023-06-21 14:02 - 000000000 ____D C:\Users\dabooker4\AppData\Roaming\Remote Utilities Agent
2023-06-21 14:01 - 2023-06-21 14:01 - 017906464 _____ (Remote Utilities Pty (Cy) Ltd.) C:\Users\dabooker4\Downloads\agent-7.1.7.0.exe
2023-06-20 17:22 - 2023-06-22 14:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-14 00:55 - 2023-06-14 00:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDrive
2023-06-13 23:56 - 2023-06-13 23:56 - 000000000 ___HD C:\$WinREAgent
2023-06-13 04:24 - 2023-06-13 04:24 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-26 12:00 - 2023-03-15 13:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-26 11:58 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-26 11:57 - 2023-03-18 09:50 - 000000000 ____D C:\ProgramData\IDrive
2023-06-26 11:57 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-26 11:33 - 2022-05-07 00:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-06-26 11:28 - 2022-12-23 01:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-26 11:27 - 2023-03-18 10:08 - 000000000 ____D C:\Program Files\TeamViewer
2023-06-26 01:19 - 2022-12-23 01:47 - 000855930 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-26 01:19 - 2022-05-07 00:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-26 01:17 - 2021-09-20 18:17 - 000000000 ____D C:\Users\dabooker4\AppData\Local\CrashDumps
2023-06-26 01:16 - 2023-03-15 14:06 - 000000000 ____D C:\Program Files\CCleaner
2023-06-26 01:16 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-26 01:16 - 2019-09-03 23:32 - 000000000 ____D C:\Users\dabooker4\AppData\Roaming\Dropbox
2023-06-26 01:16 - 2019-09-03 23:30 - 000000000 ____D C:\Users\dabooker4\AppData\Local\Dropbox
2023-06-26 01:16 - 2019-08-28 17:00 - 000000000 ___RD C:\Users\dabooker4\OneDrive
2023-06-26 01:15 - 2023-03-15 15:50 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-06-26 01:15 - 2022-12-23 01:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-26 01:15 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-26 01:15 - 2020-08-12 22:14 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-26 01:15 - 2019-08-28 16:58 - 000000000 __SHD C:\Users\dabooker4\IntelGraphicsProfiles
2023-06-26 01:15 - 2019-07-13 23:39 - 000000000 ____D C:\Intel
2023-06-26 01:10 - 2022-12-23 01:41 - 000000000 ____D C:\Users\dabooker4
2023-06-26 01:10 - 2022-05-07 00:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 01:05 - 2019-08-28 16:58 - 000000000 ____D C:\Users\dabooker4\AppData\Local\Packages
2023-06-26 01:05 - 2019-07-13 23:44 - 000000000 ____D C:\ProgramData\Packages
2023-06-26 00:15 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-26 00:10 - 2023-03-15 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-06-26 00:02 - 2022-05-07 00:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-25 23:59 - 2020-04-14 18:26 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-06-25 23:50 - 2023-03-15 14:06 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-23 14:29 - 2019-09-03 23:43 - 000000000 ____D C:\Users\dabooker4\AppData\Roaming\Microsoft\Word
2023-06-23 11:33 - 2020-03-17 01:47 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-22 23:40 - 2022-12-23 01:48 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-155803508-2790422629-3313700799-1001
2023-06-22 23:40 - 2022-12-23 01:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-155803508-2790422629-3313700799-1001
2023-06-22 23:40 - 2020-08-12 22:15 - 000002398 _____ C:\Users\dabooker4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-22 17:06 - 2019-09-03 23:43 - 000000000 ____D C:\Users\dabooker4\AppData\Roaming\Microsoft\Office
2023-06-22 14:25 - 2019-05-10 09:54 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-22 14:22 - 2021-09-03 17:49 - 000000000 ____D C:\Users\dabooker4\AppData\Local\D3DSCache
2023-06-22 14:19 - 2023-03-15 14:06 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-22 14:19 - 2023-03-15 13:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-21 14:10 - 2021-08-15 14:19 - 000000000 ____D C:\Users\dabooker4\AppData\Roaming\Microsoft\MMC
2023-06-21 14:03 - 2019-09-03 23:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-06-21 13:59 - 2022-12-23 01:48 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-06-21 13:59 - 2022-10-12 23:16 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-06-21 13:59 - 2022-10-12 23:16 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-06-21 13:50 - 2023-03-15 13:31 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-15 15:57 - 2023-05-20 13:51 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-06-15 15:55 - 2022-12-23 01:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-06-14 23:49 - 2023-03-15 14:06 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-14 20:02 - 2022-12-23 01:48 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-14 20:02 - 2022-12-23 01:48 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-14 00:55 - 2023-03-18 09:50 - 000000000 ____D C:\Program Files (x86)\IDriveWindows
2023-06-14 00:38 - 2022-12-23 01:39 - 000509648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\WUModels
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\UUS
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-14 00:37 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-14 00:37 - 2022-05-07 00:17 - 000000000 ____D C:\WINDOWS\servicing
2023-06-14 00:06 - 2019-08-29 23:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 00:04 - 2022-05-07 00:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 00:04 - 2019-08-29 23:54 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-14 00:01 - 2022-12-23 01:40 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 23:49 - 2019-04-15 10:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-04-14 18:23 - 2020-04-14 18:23 - 000000410 _____ () C:\Users\dabooker4\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2023
Ran by dabooker4 (26-06-2023 12:09:35)
Running from C:\Users\dabooker4\Pictures\slide\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) (2022-12-23 06:49:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-155803508-2790422629-3313700799-500 - Administrator - Disabled)
dabooker4 (S-1-5-21-155803508-2790422629-3313700799-1001 - Administrator - Enabled) => C:\Users\dabooker4
DefaultAccount (S-1-5-21-155803508-2790422629-3313700799-503 - Limited - Disabled)
Guest (S-1-5-21-155803508-2790422629-3313700799-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-155803508-2790422629-3313700799-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 23.003.20215 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.2.0.18 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Driver Support One (HKLM-x32\...\DSOne) (Version: 2.6.8335.33225 - Driver Support) <==== ATTENTION
Dropbox (HKLM-x32\...\Dropbox) (Version: 176.4.5108 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EzTiltPen (HKLM\...\{359DAC8D-CE33-4729-84E9-22D3367A44A9}_is1) (Version: 1.0.0.25 - ELAN microelectronics Crop.)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
IDrive version 6.7.4.45 (HKLM-x32\...\IDrive_is1) (Version: 6.7.4.45 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM\...\{D4DC16D3-5547-4A3B-A9EB-FF9B4C2EA4A1}) (Version: 10.1.17969.8134 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{3d2240de-3c21-4e14-84b3-1c6cd02bfab4}) (Version: 10.1.17969.8134 - Intel® Corporation)
Intel® Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{7715518B-08D0-4754-BB81-FE4FC61DFDF7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{4C230277-5515-4B51-B9E6-97880684B10C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
Malwarebytes version 4.5.31.270 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.31.270 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Office Home and Student 2019 - en-us (HKLM\...\HomeStudent2019Retail - en-us) (Version: 16.0.16501.20210 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 114.0.2 (x64 en-US)) (Version: 114.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 111.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.42.9 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.96.3 (x86 en-US)) (Version: 5.0.96.3 - Corporation for Digital Scholarship)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-14] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2023-06-21] (0)
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.15.226.0_x64__v10z8vjag6ke6 [2023-03-08] (HP Inc.)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2023-06-21] (0)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2023-06-15] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-07-13] (HP Inc.)
HP Impreza Pen -> C:\Program Files\WindowsApps\9FDF1AF1.HPImprezaPen_1.1.12.0_x64__g70az3e2cx9m2 [2020-01-27] (ELAN MICROELECTRONICS CORP.) [Startup Task]
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2021-07-24] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.2.0.0_x64__v10z8vjag6ke6 [2023-05-15] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.2.74.0_x64__v10z8vjag6ke6 [2023-03-31] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2023-03-15] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.2.1055.0_x64__v10z8vjag6ke6 [2023-06-15] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.26.74.0_x64__v10z8vjag6ke6 [2023-06-14] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.20.0_x64__v10z8vjag6ke6 [2023-06-14] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-22] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-06-13] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-14] (Apple Inc.) [Startup Task]
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-03-20] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-02] (Microsoft Corp.)
Microsoft Office Outlook Desktop Integration -> C:\Program Files\WindowsApps\Microsoft.OutlookDesktopIntegrationServices_16009.11426.10000.0_x64__8wekyb3d8bbwe [2019-09-04] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-06-02] (Microsoft Corporation) [Startup Task]
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-02] (INTEL CORP) [Startup Task]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-155803508-2790422629-3313700799-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dabooker4\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-155803508-2790422629-3313700799-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\dabooker4\Dropbox [2019-09-03 23:34]
ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2023-05-05] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2023-05-05] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2023-05-05] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2023-05-05] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2023-05-05] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2023-05-05] () [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-05-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-26] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\113.0.1774.57\Default\Web Applications\_crx__hgmdhkeekincapgfbajkcedbekoleged\Clever _ Log in.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hgmdhkeekincapgfbajkcedbekoleged
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\113.0.1774.57\Default\Web Applications\_crx__adnlfjpnmidfimlkaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\112.0.1722.48\Default\Web Applications\_crx__hgmdhkeekincapgfbajkcedbekoleged\Clever _ Log in.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hgmdhkeekincapgfbajkcedbekoleged
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\112.0.1722.48\Default\Web Applications\_crx__adnlfjpnmidfimlkaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\111.0.1661.62\Default\Web Applications\_crx__hgmdhkeekincapgfbajkcedbekoleged\Clever _ Log in.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hgmdhkeekincapgfbajkcedbekoleged
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Snapshots\111.0.1661.62\Default\Web Applications\_crx__adnlfjpnmidfimlkaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__hgmdhkeekincapgfbajkcedbekoleged\Clever _ Log in.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hgmdhkeekincapgfbajkcedbekoleged
ShortcutWithArgument: C:\Users\dabooker4\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__adnlfjpnmidfimlkaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
==================== Loaded Modules (Whitelisted) =============
2023-03-18 09:50 - 2023-05-05 13:01 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2023-06-14 02:40 - 2023-06-14 02:40 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\92b57a70cc452e03f7387dfac3b33e92\Interop.IWshRuntimeLibrary.ni.dll
2023-06-14 02:39 - 2023-06-14 02:39 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\d1c8b1ac4862837e59179721370095fd\Hardcodet.Wpf.TaskbarNotification.ni.dll
2023-06-14 02:40 - 2023-06-14 02:40 - 001701376 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\5ed0b4777e2b34445a047d07671e2455\NAudio.ni.dll
2020-04-19 11:31 - 2020-04-19 11:31 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-19 11:31 - 2020-04-19 11:31 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2023-06-14 02:39 - 2023-06-14 02:39 - 003062272 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\3151dce3e541abb8189355b766fcc43a\Newtonsoft.Json.ni.dll
2023-03-18 09:50 - 2023-05-05 13:01 - 000874496 _____ (Pro-Softnet Corporation, U.S.A) [File not signed] C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll
2023-03-18 09:50 - 2023-05-05 13:01 - 001663488 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\IDriveWindows\SQLite.Interop.dll
2023-06-14 02:39 - 2023-06-14 02:39 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\bf2580294587eaedf4e32dfa0cb40f30\log4net.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-05-30] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-05-30] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-155803508-2790422629-3313700799-1001\...\sharepoint.com -> hxxps://k12mnps-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2023-03-15 14:06 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-10-09 10:23 - 2021-10-09 10:23 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-155803508-2790422629-3313700799-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6C3E2F86-31FA-4710-9F96-6C1E6CC6974E}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{57DE1A9C-7A73-466A-9638-3F21AA1494DF}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{E785294A-1659-47B4-9472-84BC7AEAA8CA}] => (Allow) C:\Users\dabooker4\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2D15BE85-830C-4E12-9570-98196C741CBC}] => (Allow) C:\Users\dabooker4\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B49B3B1C-DAF9-497C-B599-9385E0B29394}] => (Allow) C:\Users\dabooker4\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{67317F1C-B9EE-4ABE-9538-AB4ED249BCFB}C:\users\dabooker4\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dabooker4\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{5C6BA16E-0624-498F-BFAB-D277F9A10FD2}C:\users\dabooker4\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dabooker4\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2206BFD3-2155-4E86-AD6D-A93DD55AED9A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D67F37D8-68A9-4497-8BED-DBC7F58BAEED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C7C638C-94EE-4B03-ACBC-45DB5BEE76F0}] => (Allow) C:\Users\dabooker4\AppData\Local\Temp\7zS2999\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{272D22A9-6603-427F-AD06-E0BA999C41AA}] => (Allow) C:\Users\dabooker4\AppData\Local\Temp\7zS2999\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{996CDC72-AD3B-4038-B995-ED67076CE78C}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4A6BA045-2125-494D-8A77-050B8EA9A309}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{0F85EE9C-62DC-4F81-AF11-B3BB5292E3A5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D198EAD8-0739-4F87-A89F-F802C54DFEAC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2CCBCDF8-8F30-4DAF-A09D-8779EF4CAAA4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FB0896D1-7989-4C72-89AF-8E6BD78C91F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6BA41D8D-923F-42FE-AEC9-E6C6DA54C91F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C0AA8E8B-1031-48A6-8701-02CF898AA27D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C8807C9E-933B-445C-B32C-D7A3B8FDF5ED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{91FAC5A2-2BC4-427C-83B1-FB61C060F76B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{10B0D94F-9BDA-4134-A054-36828D301551}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{685D39EE-CD2A-4F41-AA25-1C95C84709CC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D9B6170-D219-4250-970D-77E06D862AA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F9B934B-2D78-4088-9705-4467BC9916DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F141A20-72FC-4972-8871-A5F31B9F99DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DFAE5EF-C512-4268-A22A-FEDD4813272D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BD1574A-152C-4342-9D7E-121A60270642}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D4695C2-F74F-4359-A0A0-6CC7505664E8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B40082C2-6C99-46BF-AB14-BAF27A4B93AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A813274F-F031-4EC2-B9B1-02D1E7AF24BF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B5037847-DAD4-44FA-9745-81FA21CE1693}] => (Allow) C:\Users\dabooker4\AppData\Roaming\Remote Utilities Agent\70170\43F629E616\rutserv.exe (Remote Utilities LLC -> Remote Utilities Pty (Cy) Ltd.)
FirewallRules: [{20D1EDFD-1F16-4A10-94E9-1CDE94FEC878}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{91931E3D-3749-4D3A-ACF0-97F248290502}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{03FBC5E9-E81B-4230-A18B-530A1F8642FA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA696D0-73C7-46D4-A09C-B1849621D8BA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{679C8EDA-4943-4150-811B-D7CDCB1A7BFF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86A50751-4C5F-4DDD-865C-64FD9AC53D7D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A306AFDC-43FB-4648-A508-3EECF943DF7C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A7B68B2F-F045-45E9-B7AE-0A58BE35D042}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2ED251B8-E5D9-478D-83BA-38353DFA24D7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.03 GB) (Free:38.16 GB) (32%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/26/2023 11:33:47 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/26/2023 01:15:47 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-3L139AI)
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.22621.1, time stamp: 0x004687c2
Faulting module name: twinapi.appcore.dll, version: 10.0.22621.1778, time stamp: 0x8a05c015
Exception code: 0xc000027b
Fault offset: 0x00000000000c07f3
Faulting process id: 0x0x2f38
Faulting application start time: 0x0x1d9a7f5a2905359
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: ede9f9c3-b924-4447-95a7-c997e6dc48bf
Faulting package full name: AD2F1837.HPSystemEventUtility_1.3.20.0_x64__v10z8vjag6ke6
Faulting package-relative application ID: AD2F1837.HPSystemEventUtility
Error: (06/25/2023 11:57:59 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/23/2023 11:37:36 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/22/2023 02:23:48 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/21/2023 02:03:04 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (06/21/2023 02:03:04 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (06/21/2023 01:55:50 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (06/26/2023 01:18:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3L139AI)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (06/26/2023 01:17:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Browser Update Service (avast) service failed to start due to the following error:
The system cannot find the file specified.
Error: (06/26/2023 01:17:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® SGX AESM service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/26/2023 01:17:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® SGX AESM service to connect.
Error: (06/25/2023 11:50:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Browser Update Service (avast) service failed to start due to the following error:
The system cannot find the file specified.
Error: (06/25/2023 11:50:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® SGX AESM service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/25/2023 11:50:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® SGX AESM service to connect.
Error: (06/25/2023 11:48:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:14:35 PM on 6/23/2023 was unexpected.
Windows Defender:
================
Date: 2023-06-23 12:29:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-06-21 14:30:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-06-15 15:55:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-06-13 23:59:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-06-02 11:26:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2023-06-11 23:48:32
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource:
Engine Code: 0
Date: 2023-03-31 11:51:30
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.385.372.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20100.6
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2023-03-31 11:51:30
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.385.372.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20100.6
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2023-03-31 11:51:30
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.385.372.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20100.6
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-06-26 00:02:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-06-22 14:20:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-11 23:48:39
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-06-05 23:49:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-22 07:35:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.07 07/03/2019
Motherboard: HP 85C4
Processor: Intel® Core™ i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 81%
Total physical RAM: 8013.43 MB
Available physical RAM: 1499.66 MB
Total Virtual: 12109.43 MB
Available Virtual: 4317.7 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:118.03 GB) (Free:38.16 GB) (Model: SAMSUNG MZNLN128HAHQ-000H1) NTFS
\\?\Volume{a93fde6b-0feb-4090-a310-ac8681fc6550}\ () (Fixed) (Total:0.93 GB) (Free:0.07 GB) NTFS
\\?\Volume{03b8f40e-c8e2-4b67-9453-ed6c5f854f74}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: A50E1C7D)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
