It's still having issues with being slow but the keyboard and popup issues have ceased.
The USB disk still is not working properly but I guess that could be a hardware issue but not sure.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2023 01
Ran by Cassandra Rabius (administrator) on CASEY (HP HP Laptop 14-dq0xxx) (18-08-2023 12:11:59)
Running from C:\Users\Cassandra Rabius\OneDrive\Desktop\FRST64.exe
Loaded Profiles: Cassandra Rabius
Platform: Microsoft Windows 11 Home Version 21H2 22000.2295 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxEM.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.31.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.203\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5368297359c68ea4\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a84f31b20764b965\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_fa6c5f4c225d2eae\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_fa6c5f4c225d2eae\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9d48faf1e1edea3c\RtkAudUService64.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_25.52330.450.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_25.52330.450.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Cassandra Rabius\AppData\Local\Microsoft\OneDrive\23.153.0724.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9d48faf1e1edea3c\RtkAudUService64.exe [3454904 2022-04-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKU\S-1-5-21-974111299-3066080161-2476872172-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [537136 2023-08-17] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-974111299-3066080161-2476872172-1001\...\Run: [MicrosoftEdgeAutoLaunch_E0387654E8B6AB07DC2B4CA56C9F8317] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-974111299-3066080161-2476872172-1001\...\MountPoints2: {d87899a2-6622-11ed-adbd-346f249588e6} - "D:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.173\Installer\chrmstp.exe [2023-08-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {E562DD07-11F0-4B79-A381-FBEB02743B60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {88064B92-D2DD-4574-A33C-F42AFDB36CAF} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Cassandra Rabius\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-08-18] (ESET, spol. s r.o. -> ESET)
Task: {3039C65E-FE09-49F6-9BE0-6EA36529D364} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Cassandra Rabius\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-08-18] (ESET, spol. s r.o. -> ESET)
Task: {4149D30B-7F02-4BF0-BB09-6C5EE9EB3832} - System32\Tasks\GoogleUpdateTaskMachineCore{AC1BE0AE-B37D-48F3-ABEE-C5CAC42665FC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-19] (Google LLC -> Google LLC)
Task: {C12960B7-16B1-4E8C-8B17-17D7C069E705} - System32\Tasks\GoogleUpdateTaskMachineUA{1A1CE60F-82D7-4D22-94D2-03261D5833DB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-19] (Google LLC -> Google LLC)
Task: {1C64B289-08C5-40D2-B348-CA9AAB0DE1B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-07-25] (HP Inc. -> HP Inc.)
Task: {F287E84A-3517-476F-B7F7-814500ADFE64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-07-25] (HP Inc. -> HP Inc.)
Task: {671B345C-F4B4-4F34-8EE7-18EADFEDC921} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {7B813705-24A3-4516-9578-822EC50ABCB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {EB141A5C-CE31-439F-98DB-C3876A5F88DE} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [94208 2021-06-05] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {91F0682F-A00D-4799-88F8-5A43985DDAB9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8FB6984-989C-4B94-8F12-BEB045907BB1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B891E40-94D0-4DED-89CD-84670A2F703D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {77683ADC-B480-440D-9A94-0B02781C6121} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5360D318-56FA-482F-B3FE-3349A56AAC31} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {82D4722F-6778-4A59-8A89-18781E55CE2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D4607F68-0320-4CB9-8179-75C943FDDDFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5EB34C91-9C04-4642-BE4C-871DB410E581} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79CF1AEC-1EA0-4BEA-9412-CCC83732F19A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 66.94.188.223 66.94.188.222 66.94.188.224
Tcpip\..\Interfaces\{da06c8f6-9b90-48c8-896c-3b29e6fbcf4b}: [DhcpNameServer] 66.94.188.223 66.94.188.222 66.94.188.224
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Cassandra Rabius\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-18]
Edge Notifications: Default -> hxxps://meet.google.com; hxxps://thoalinthal.co.in
Edge Extension: (Edge relevant text changes) - C:\Users\Cassandra Rabius\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Default [2023-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-19]
CHR Profile: C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-18]
CHR Profile: C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-08-18]
CHR Extension: (Google Docs Offline) - C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR Profile: C:\Users\Cassandra Rabius\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\AppHelperCap.exe [888216 2023-06-22] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\DiagsCap.exe [887192 2023-06-22] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\NetworkCap.exe [883088 2023-06-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1b947ae46142bb62\x64\SysInfoCap.exe [887696 2023-06-22] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_5368297359c68ea4\x64\TouchpointAnalyticsClientService.exe [497792 2023-06-15] (HP Inc. -> HP Inc.)
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [743400 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\windows\system32\drivers\AmUStorU.sys [135296 2020-12-01] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 GSCAuxDriver; C:\windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_47dea9773e9dfab7\GSCAuxDriverx64.sys [78904 2021-07-13] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_1027aa064fe1f3f7\TeeDriverGSCW8x64.sys [258112 2021-07-13] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 rtux64w10; C:\windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_a39ece60dbc76c55\rtux64w10.sys [683520 2021-06-05] (Microsoft Windows -> Realtek Corporation)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [55704 2023-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [103656 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [572656 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-18 11:22 - 2023-08-18 11:32 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\MMC
2023-08-18 10:48 - 2023-08-18 10:48 - 000003882 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onLogOn
2023-08-18 10:48 - 2023-08-18 10:48 - 000003440 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onTime
2023-08-18 08:07 - 2023-08-18 08:46 - 000001396 _____ C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-08-18 08:07 - 2023-08-18 08:07 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Local\ESET
2023-08-17 10:18 - 2023-08-17 10:18 - 000000000 ___HD C:\$WinREAgent
2023-08-17 09:42 - 2023-08-18 12:12 - 000000000 ____D C:\FRST
2023-08-11 16:11 - 2023-08-14 19:24 - 000000000 ____D C:\windows\system32\Tasks\NCH Software
2023-08-11 16:11 - 2023-08-11 16:12 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Roaming\NCH Software
2023-08-11 16:11 - 2023-08-11 16:11 - 002844328 _____ (NCH Software) C:\Users\Cassandra Rabius\Downloads\WavePadAudioEditingSoftware.exe
2023-08-11 16:11 - 2023-08-11 16:11 - 000002112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2023-08-11 16:11 - 2023-08-11 16:11 - 000001348 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2023-08-11 16:11 - 2023-08-11 16:11 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2023-08-11 16:11 - 2023-08-11 16:11 - 000001320 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2023-08-11 16:11 - 2023-08-11 16:11 - 000000000 ____D C:\Users\Cassandra Rabius\NCH Software Suite
2023-08-11 16:11 - 2023-08-11 16:11 - 000000000 ____D C:\ProgramData\NCH Software
2023-08-11 16:11 - 2023-08-11 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2023-08-11 16:11 - 2023-08-11 16:11 - 000000000 ____D C:\Program Files (x86)\NCH Software
2023-08-11 16:10 - 2023-08-11 16:10 - 002844328 _____ (NCH Software) C:\Users\Cassandra Rabius\Downloads\wpsetup.exe
2023-07-21 08:04 - 2023-07-21 08:04 - 000000000 ____D C:\Users\Cassandra Rabius\OneDrive\Documents\New folder
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-18 12:08 - 2021-06-05 07:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-18 12:04 - 2021-06-05 07:10 - 000000000 ____D C:\windows\SystemTemp
2023-08-18 12:00 - 2022-02-19 21:23 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-18 11:57 - 2021-06-25 13:15 - 000854410 _____ C:\windows\system32\PerfStringBackup.INI
2023-08-18 11:57 - 2021-06-05 07:09 - 000000000 ____D C:\windows\INF
2023-08-18 11:54 - 2021-12-29 19:15 - 000000000 ___RD C:\Users\Cassandra Rabius\OneDrive
2023-08-18 11:54 - 2021-06-05 07:10 - 000000000 ____D C:\windows\AppReadiness
2023-08-18 11:53 - 2021-12-29 19:12 - 000000000 __SHD C:\Users\Cassandra Rabius\IntelGraphicsProfiles
2023-08-18 11:53 - 2021-11-18 17:16 - 000000000 ____D C:\Intel
2023-08-18 11:53 - 2021-06-25 13:10 - 000012288 ___SH C:\DumpStack.log.tmp
2023-08-18 11:53 - 2021-06-25 13:10 - 000000006 ____H C:\windows\Tasks\SA.DAT
2023-08-18 11:53 - 2021-06-05 07:10 - 000000000 ____D C:\windows\ServiceState
2023-08-18 11:38 - 2021-06-05 07:01 - 000786432 _____ C:\windows\system32\config\BBI
2023-08-18 11:21 - 2021-12-30 21:10 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Local\ElevatedDiagnostics
2023-08-18 10:44 - 2021-06-25 13:10 - 000000000 ____D C:\windows\system32\SleepStudy
2023-08-18 09:43 - 2021-06-05 07:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-18 07:50 - 2022-03-22 11:21 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
2023-08-18 07:33 - 2021-06-25 13:10 - 000503312 _____ C:\windows\system32\FNTCACHE.DAT
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\SysWOW64\setup
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\SysWOW64\Dism
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\SystemResources
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\WinMetadata
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\setup
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\oobe
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\Dism
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\system32\appraiser
2023-08-18 07:32 - 2021-06-05 07:10 - 000000000 ____D C:\windows\bcastdvr
2023-08-18 07:29 - 2022-01-12 12:42 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\LocalLow\Temp
2023-08-18 07:27 - 2021-06-05 07:01 - 000000000 ____D C:\windows\CbsTemp
2023-08-18 07:14 - 2021-12-29 19:08 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Local\Packages
2023-08-18 07:14 - 2021-06-25 13:11 - 000000000 ____D C:\ProgramData\Packages
2023-08-17 21:15 - 2021-06-05 07:10 - 000000000 ____D C:\windows\LiveKernelReports
2023-08-17 10:23 - 2021-06-25 13:13 - 003110400 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2023-08-17 09:32 - 2022-05-07 01:53 - 000000000 ___HD C:\$WINDOWS.~BT
2023-08-16 21:42 - 2021-12-29 19:19 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\Word
2023-08-16 16:12 - 2021-12-30 21:02 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\Excel
2023-08-16 15:58 - 2022-02-19 21:25 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-16 15:58 - 2022-02-19 21:25 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-16 00:57 - 2021-12-29 19:19 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\Office
2023-08-15 20:02 - 2021-12-29 19:12 - 000000000 ____D C:\Users\Cassandra Rabius\AppData\Local\D3DSCache
2023-08-15 18:47 - 2021-06-25 14:03 - 000000000 ____D C:\windows\Panther
2023-08-13 07:43 - 2021-10-08 04:21 - 000000000 ____D C:\Program Files (x86)\HP
2023-08-13 07:42 - 2021-10-08 04:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-11 22:03 - 2021-12-29 19:15 - 000003588 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-974111299-3066080161-2476872172-1001
2023-08-11 22:03 - 2021-12-29 19:15 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-974111299-3066080161-2476872172-1001
2023-08-11 22:03 - 2021-12-29 19:15 - 000002419 _____ C:\Users\Cassandra Rabius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-11 17:57 - 2021-06-25 13:10 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-11 17:57 - 2021-06-25 13:10 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-11 16:11 - 2021-12-29 19:08 - 000000000 ____D C:\Users\Cassandra Rabius
2023-08-11 08:43 - 2021-12-31 23:53 - 000000000 ____D C:\windows\system32\MRT
2023-08-11 08:27 - 2021-12-31 23:53 - 175983240 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2023-08-11 08:03 - 2021-06-25 13:10 - 000000000 ____D C:\windows\system32\Drivers\wd
2023-08-10 06:51 - 2022-03-29 08:27 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2023-08-10 06:50 - 2022-10-19 20:35 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-10 06:50 - 2022-10-19 20:35 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-02 07:55 - 2022-02-19 21:23 - 000003790 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA{1A1CE60F-82D7-4D22-94D2-03261D5833DB}
2023-08-02 07:55 - 2022-02-19 21:23 - 000003666 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore{AC1BE0AE-B37D-48F3-ABEE-C5CAC42665FC}
2023-07-27 10:38 - 2021-12-29 21:16 - 000918960 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2023 01
Ran by Cassandra Rabius (18-08-2023 12:14:40)
Running from C:\Users\Cassandra Rabius\OneDrive\Desktop
Microsoft Windows 11 Home Version 21H2 22000.2295 (X64) (2021-12-30 07:54:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-974111299-3066080161-2476872172-500 - Administrator - Disabled)
Cassandra Rabius (S-1-5-21-974111299-3066080161-2476872172-1001 - Administrator - Enabled) => C:\Users\Cassandra Rabius
DefaultAccount (S-1-5-21-974111299-3066080161-2476872172-503 - Limited - Disabled)
Guest (S-1-5-21-974111299-3066080161-2476872172-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-974111299-3066080161-2476872172-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 23.003.20269 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.173 - Google LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-974111299-3066080161-2476872172-1001\...\OneDriveSetup.exe) (Version: 23.153.0724.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D98EA283-A784-4037-BD51-739D87BFF693}) (Version: 4.73.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 17.66 - NCH Software)
Zoom (HKU\S-1-5-21-974111299-3066080161-2476872172-1001\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.)
Packages:
=========
Audiotonic – Audacity rebuilt for Windows 10 -> C:\Program Files\WindowsApps\BluskySoftwareInc.17062EE08491F_2.2.4.0_x86__61yk12x6sxn40 [2022-07-12] (Blusky Software Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-02-19] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Dropbox Lite -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.19.0_x64__xbfy0k16fey96 [2023-06-11] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2023-07-18] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.35.264.0_x64__v10z8vjag6ke6 [2023-07-21] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-08-17] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-07-20] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-11] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.28.34.0_x64__v10z8vjag6ke6 [2023-08-09] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.31.0_x64__v10z8vjag6ke6 [2023-08-18] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5180.0_x64__8j3eq9eme6ctt [2023-08-11] (INTEL CORP) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2307.24002.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-11] (Microsoft Corporation)
Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1200.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Studios)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_25.52330.450.0_x64__v10z8vjag6ke6 [2023-08-13] (HP Inc.) [Startup Task]
OpenCL™ and OpenGL® Compatibility Pack -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2302.1.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-03-29] (Adobe Systems Incorporated)
Scanner - Quick and Easy Document Scanning -> C:\Program Files\WindowsApps\9390SimonKnuth.ScannerforWindows10_3.2.5.0_x64__69n05hp4v3s90 [2023-07-20] (Simon Knuth)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2023-07-20] (Random Salad Games LLC)
Zoom Rooms -> C:\Program Files\WindowsApps\ZoomVideoCommunicationsIn.ZoomRooms_5.2.322.0_x86__r9fg4ykbbcwvc [2023-07-21] (Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-974111299-3066080161-2476872172-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-974111299-3066080161-2476872172-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> {80AD2E13-CB3C-4C37-BA97-B0750ABBD19D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {80AD2E13-CB3C-4C37-BA97-B0750ABBD19D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-07-25] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-07-25] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 07:08 - 2021-06-05 07:08 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
2021-12-29 20:10 - 2021-12-29 20:15 - 000000435 _____ C:\windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-974111299-3066080161-2476872172-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 66.94.188.223 - 66.94.188.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2E06D2BD-C24E-40E0-BFF2-AF625232D4CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FAA2E39-01FF-4628-A02C-39D7A49E2ACE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1200.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{CE9B183B-408A-4C54-8E1D-5A1E205D6481}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1200.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{920E2990-7E19-4959-AA2D-096CFA000645}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A7A6BE7-BB10-41AD-B5C7-674DDCB38056}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1513.2309.6740_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{284AAD16-7CFD-4FA7-8391-C50B0C6C909C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1513.2309.6740_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E34D2BE7-DBCD-406A-A2E1-B81679EC1C52}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:57.41 GB) (Free:4.73 GB) (8%)
==================== Faulty Device Manager Devices ============
Name: McAfeeIntegrationDriver Device
Description: McAfeeIntegrationDriver Device
Class Guid: {78a1c341-4539-11d3-b88d-00c04fad5171}
Manufacturer: McAfee
Service: McAfeeIntegrationDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: McAfeeIntegrationDriver Device
Description: McAfeeIntegrationDriver Device
Class Guid: {78a1c341-4539-11d3-b88d-00c04fad5171}
Manufacturer: McAfee
Service: McAfeeIntegrationDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (08/18/2023 08:07:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2
Faulting module name: WININET.dll, version: 11.0.22000.2245, time stamp: 0x0171adcd
Exception code: 0xc0000005
Fault offset: 0x002f1937
Faulting process id: 0x19c4
Faulting application start time: 0x01d9d1d4e52aa7b3
Faulting application path: C:\Users\Cassandra Rabius\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\windows\SYSTEM32\WININET.dll
Report Id: efd4215b-74aa-412a-bb0c-cdfe1c6b57a0
Faulting package full name:
Faulting package-relative application ID:
Error: (08/16/2023 02:14:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScreenClippingHost.exe, version: 421.22500.8500.0, time stamp: 0x641e1e03
Faulting module name: ucrtbase.dll, version: 10.0.22000.1, time stamp: 0x00e78ce9
Exception code: 0xc0000409
Fault offset: 0x000000000007c648
Faulting process id: 0x27ac
Faulting application start time: 0x01d9d075d81d4976
Faulting application path: C:\windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ScreenClippingHost.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: ce83269c-8e86-433b-aad8-38b7c20a1a4f
Faulting package full name: MicrosoftWindows.Client.CBS_1000.22001.1000.0_x64__cw5n1h2txyewy
Faulting package-relative application ID: ScreenClipping
Error: (08/14/2023 07:46:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.22000.2003 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 18fc
Start Time: 01d9cde3a2f0c606
Termination Time: 60000
Application Path: C:\Windows\explorer.exe
Report Id: b9c89d21-563b-4b98-b5c3-e27307230a6f
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (08/13/2023 10:58:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete defragmentation on Court-Custody BU Drive (D:) because: The dirty bit is set on this volume. (0x89000015)
Error: (08/13/2023 10:58:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete defragmentation on (E:) because: Volumes cannot be optimized due to file system type not supported. (0x8900002F)
Error: (08/12/2023 12:37:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete defragmentation on (E:) because: Volumes cannot be optimized due to file system type not supported. (0x8900002F)
Error: (08/06/2023 07:31:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcrobatNotificationClient.exe, version: 0.0.0.0, time stamp: 0x5b98af46
Faulting module name: combase.dll, version: 10.0.22000.1641, time stamp: 0xecc1b5c4
Exception code: 0xc000027b
Fault offset: 0x00211901
Faulting process id: 0x2278
Faulting application start time: 0x01d9c534d7dc0cf3
Faulting application path: C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
Faulting module path: C:\windows\System32\combase.dll
Report Id: 8ae001a7-090f-48c0-b1ea-df7379558df3
Faulting package full name: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Faulting package-relative application ID: App
Error: (07/27/2023 10:38:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcrobatNotificationClient.exe, version: 0.0.0.0, time stamp: 0x5b98af46
Faulting module name: combase.dll, version: 10.0.22000.1641, time stamp: 0xecc1b5c4
Exception code: 0xc000027b
Fault offset: 0x00211901
Faulting process id: 0x4cc
Faulting application start time: 0x01d9b9fa370185e9
Faulting application path: C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
Faulting module path: C:\windows\System32\combase.dll
Report Id: 39204404-315a-4337-a19e-25d44dd12643
Faulting package full name: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Faulting package-relative application ID: App
System errors:
=============
Error: (08/18/2023 08:50:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/18/2023 08:50:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys
Error: (08/18/2023 08:50:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/18/2023 08:50:49 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys
Error: (08/18/2023 08:50:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/18/2023 08:50:49 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys
Error: (08/18/2023 08:50:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (08/18/2023 08:50:49 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CASSAN~1\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2023-08-18 11:03:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-08-18 10:58:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-08-17 10:32:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-08-16 14:33:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-08-14 05:31:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2023-06-17 12:49:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.391.1738.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23050.3
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2023-06-16 14:39:09
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2023-05-20 08:42:20
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.389.1706.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20300.3
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-05-20 08:42:20
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.389.1706.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20300.3
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-04-24 12:19:10
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.2093.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2023-08-18 10:57:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-10 06:43:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-18 23:24:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-05 17:08:34
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: AMI F.25 03/09/2022
Motherboard: HP 864D
Processor: Intel® Celeron® N4020 CPU @ 1.10GHz
Percentage of memory in use: 77%
Total physical RAM: 3912.01 MB
Available physical RAM: 895.16 MB
Total Virtual: 7824.02 MB
Available Virtual: 4061.13 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:57.41 GB) (Free:4.73 GB) (Model: Samsung CUTB42) NTFS
\\?\Volume{2bcd8da3-dec5-4505-8248-f1d12d81e5dc}\ (Windows RE tools) (Fixed) (Total:0.56 GB) (Free:0.06 GB) NTFS
\\?\Volume{38c9bfc5-4f11-4aac-9dfe-5945a6f7cc77}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 58.2 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================