Hi.
My computer is relatively new (less than 2 years) and it's finally starting to show a little age. It runs slower than it did. And tonight the sound stopped working. A reboot fixed it but it's an issue that happened. I figure its time I do a good deep clean on it. I run Windows Defender, Avast, and CCleaner semi regularly and they never really turn up anything bad but I figure I should ask people who actually know what they are doing if there is anything I can do to make it run smoother?
Thanks in advance!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.01.2024
Ran by 16025 (administrator) on DELL-AWARE (Dell Inc. Inspiron 5400 AIO) (24-01-2024 22:17:15)
Running from C:\Users\16025\OneDrive\Desktop\FRST64.exe
Loaded Profiles: 16025
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\dnscryptproxy.exe <2>
(C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_07bea76bdbdaf3eb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4723f3bb6233afc3\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe [1591680 2022-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [417176 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\16025\AppData\Local\Microsoft\Teams\Update.exe [2452112 2021-02-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044568 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-21] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Amazon Music Helper] => "C:\Users\16025\AppData\Local\Amazon Music\Amazon Music Helper.exe" (No File)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [MicrosoftEdgeAutoLaunch_4E4EB74741524C98ED0A45FD6E827AD7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {5bf33d98-6ff9-11eb-b00b-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d3047084-7728-11eb-b00c-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d5c0f209-6f33-11eb-b00a-683e26e9b8e3} - "E:\EasySuite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
Startup: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2022-05-08]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {17AB4F61-C88E-4CCA-B5B8-D1BB5295864C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {BBDDF1FD-3782-46E6-958B-C251496687E8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AF9BE179-CD81-4946-B2BF-AFDE2069C306} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-09-21] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {66D2FB44-D519-4313-91EA-E5AB719047E8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5094808 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {3E9A9189-13A5-424D-B332-E516D38AA5DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {F623DD7D-AF14-402E-839E-117974B793A8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {996B169E-B566-4758-A784-D877B6E2CFFD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "5865714b-f283-48da-9b31-f7a77d5b087d" --version "6.20.10897" --silent
Task: {65E04514-FBB8-42C1-8E15-3E527CAED211} - System32\Tasks\CCleanerSkipUAC - 16025 => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5036B7B4-DC7A-4D74-96D1-E890A889AB66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {F015F0D2-9A9A-49F6-A172-C9FFF46B17CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {079ECA76-7D4B-45B3-87FC-1C083C32EEF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {75C214A0-955B-4075-85D3-EEC27F2E31C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A8E108D-DF13-46E6-941E-4E1FD5587D8A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E231E93-1B66-4376-B075-B0B0580EF9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8086C973-FA44-46D7-B852-744F0C68B25A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {620E2F3E-3775-4AFC-9AC6-4A811CB795CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72604199-4F49-4326-8DF6-5AB1670617A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C14D8CDE-07FA-4347-B97F-DEFEBFF5BF1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5FB46FF-E8D3-4E4A-A287-EE02A734291C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA030596-5AAF-43F5-B0B1-029833343440} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B58B3802-0A84-40BD-ADA8-6FB80F83362A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {26AB275B-20AC-4857-9465-B03B20865925} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\05968756C6F543137393: [DhcpNameServer] 192.168.172.115
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D253548333: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D264531413: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\4427455656478653: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-24]
Edge Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
Edge Extension: (Edge relevant text changes) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
FireFox:
========
FF DefaultProfile: xtqbi6nr.default
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\xtqbi6nr.default [2021-02-13]
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release [2024-01-24]
FF Homepage: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://gameflip.com
FF Extension: (AdBlocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2023-11-29]
FF Extension: (uBlock Origin) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2024-01-09]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-10]
FF Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2023-12-21]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2024-01-16]
FF Extension: (Popup Blocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2023-11-07]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-14]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default [2024-01-24]
CHR Extension: (uBlock Origin) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-15]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-16]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-24]
CHR Extension: (New XKit) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2021-02-13] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
CHR Extension: (GIFit!) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoojcphcmgcplkpckkjpdlloooifgec [2021-02-13]
CHR Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-01-24]
CHR Extension: (Fluff Busting Purity) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2024-01-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-17]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-17]
CHR DownloadDir: D:\Downloads
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-14]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-24]
CHR HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 acswgagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acswgagent.exe [752280 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R3 acumbrellaagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe [560792 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9065880 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [753048 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2335128 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1157528 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
R2 Dell WMI Service; C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe [118784 2021-02-23] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe [532000 2022-06-13] (Intel Corporation -> Intel)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [310216 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243136 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [26616 2023-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [282624 2023-08-10] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-14] (Microsoft Corporation) [File not signed]
R3 dc3d; C:\Windows\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_566db4e95fcf6757\IntcUSB.sys [891944 2022-06-13] (Intel Corporation -> Intel® Corporation)
S3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_c08af0e43cbc91c3\gna.sys [83856 2020-08-04] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-01-24 22:17 - 2024-01-24 22:17 - 002389504 _____ (Farbar) C:\Users\16025\OneDrive\Desktop\FRST64.exe
2024-01-24 22:17 - 2024-01-24 22:17 - 000031813 _____ C:\Users\16025\OneDrive\Desktop\FRST.txt
2024-01-24 22:17 - 2024-01-24 22:17 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\FRST-OlderVersion
2024-01-24 22:16 - 2024-01-24 22:17 - 000000000 ____D C:\FRST
2024-01-24 22:08 - 2024-01-24 22:08 - 000000283 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-01-17 22:12 - 2024-01-18 21:55 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-01-17 22:12 - 2024-01-17 22:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-01-17 22:12 - 2024-01-17 22:12 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-01-16 23:01 - 2024-01-16 23:01 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 23:01 - 2024-01-16 23:01 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-15 21:47 - 2024-01-16 23:00 - 000000000 ____D C:\Users\16025\AppData\Local\Adobe
2024-01-14 22:27 - 2024-01-14 22:59 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Pipboy
2024-01-14 12:57 - 2024-01-14 12:57 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 23:48 - 2024-01-12 23:48 - 000645729 _____ (WDS Team) C:\Users\16025\Downloads\windirstat1_1_2_setup (1).exe
2024-01-12 23:48 - 2024-01-12 23:48 - 000001116 _____ C:\Users\16025\OneDrive\Desktop\WinDirStat.lnk
2024-01-10 22:23 - 2024-01-10 22:24 - 000000000 ___HD C:\$WinREAgent
2024-01-04 21:09 - 2024-01-04 21:13 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Desktop Papers
2023-12-29 23:32 - 2023-12-29 23:32 - 000035503 _____ C:\Users\16025\Downloads\2023_12_29_23_32_43.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-01-24 22:16 - 2021-01-17 02:57 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-24 22:16 - 2019-12-07 02:13 - 000000000 ____D C:\Windows\INF
2024-01-24 22:12 - 2021-12-16 00:05 - 000000000 ____D C:\Windows\SystemTemp
2024-01-24 22:12 - 2021-02-13 13:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-24 22:11 - 2022-02-09 20:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-24 22:10 - 2021-09-19 23:27 - 000000000 ____D C:\Program Files\CCleaner
2024-01-24 22:10 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-24 22:09 - 2023-12-21 22:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-24 22:09 - 2021-10-01 10:53 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-24 22:09 - 2021-02-19 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-24 22:09 - 2021-02-13 13:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-24 22:09 - 2021-02-13 12:49 - 000000000 __SHD C:\Users\16025\IntelGraphicsProfiles
2024-01-24 22:09 - 2021-01-17 03:01 - 000000000 ____D C:\Intel
2024-01-24 22:09 - 2021-01-17 02:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-24 22:09 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-24 22:09 - 2019-12-07 02:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-24 21:50 - 2021-02-13 13:12 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-24 21:50 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-24 21:49 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-23 23:14 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Roaming\discord
2024-01-23 23:12 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Local\Discord
2024-01-23 22:00 - 2021-02-13 22:57 - 000000000 ____D C:\Users\16025\AppData\Local\D3DSCache
2024-01-21 23:33 - 2021-02-27 18:29 - 000037997 _____ C:\Users\16025\OneDrive\Desktop\Bills.xlsx
2024-01-19 16:43 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-19 16:33 - 2021-02-15 23:05 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-19 16:32 - 2019-12-07 02:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-01-19 16:27 - 2021-06-01 08:27 - 000000000 ____D C:\Users\16025\AppData\Local\Avast Software
2024-01-19 07:39 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-19 07:36 - 2021-02-13 13:01 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-17 22:18 - 2021-11-09 22:35 - 000000000 ____D C:\Users\16025\AppData\Local\CrashDumps
2024-01-17 22:18 - 2021-10-08 22:28 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-17 22:03 - 2021-01-17 02:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-14 23:35 - 2021-02-27 18:29 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Excel
2024-01-14 23:12 - 2021-02-16 22:59 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Word
2024-01-14 13:04 - 2019-12-07 02:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-14 12:57 - 2021-01-17 03:08 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 23:22 - 2021-10-15 00:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-10 22:11 - 2021-02-13 21:27 - 000001163 _____ C:\Users\16025\OneDrive\Desktop\pagingmrherman.txt
2024-01-10 21:47 - 2021-02-13 23:47 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 21:46 - 2021-02-13 23:47 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-08 23:29 - 2023-12-15 21:33 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-12-12 10:29 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-09-19 23:27 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - 16025
2024-01-08 23:29 - 2021-02-19 16:23 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-01-08 23:29 - 2021-02-13 13:00 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-08 23:29 - 2021-02-13 13:00 - 000003132 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-08 23:29 - 2021-01-17 02:59 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-01-08 23:29 - 2021-01-17 02:59 - 000003238 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-07 22:40 - 2021-10-08 22:29 - 000000000 ____D C:\Users\16025\AppData\Local\Steam
2024-01-03 22:06 - 2021-02-27 18:29 - 000004839 _____ C:\Users\16025\OneDrive\Desktop\bands to listen to.txt
2023-12-26 21:43 - 2021-02-13 12:49 - 000000000 ____D C:\Users\16025\AppData\Local\Packages
==================== Files in the root of some directories ========
2021-02-14 16:01 - 2021-02-14 16:01 - 000000000 _____ () C:\Users\16025\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.01.2024
Ran by 16025 (24-01-2024 22:18:44)
Running from C:\Users\16025\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2021-02-13 21:39:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
16025 (S-1-5-21-3295701987-2196344191-1615095922-1001 - Administrator - Enabled) => C:\Users\16025
Administrator (S-1-5-21-3295701987-2196344191-1615095922-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3295701987-2196344191-1615095922-503 - Limited - Disabled)
Guest (S-1-5-21-3295701987-2196344191-1615095922-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3295701987-2196344191-1615095922-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_3) (Version: 12.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.49 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5) (Version: 23.5.0.669 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Amazon Amazon Music) (Version: 8.8.2.2305 - Amazon.com Services LLC)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.12.6094 - Avast Software)
Bitwarden (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.32.0 - Bitwarden Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
Canon Utilities EOS Network Setting Tool (HKLM-x32\...\EOS Network Setting Tool) (Version: 1.3.1.1 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.17.0.5 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.07061 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{11E16B39-0FA6-4DF0-9736-73BB638C9924}) (Version: 4.10.07061 - Cisco Systems, Inc.) Hidden
Cisco AnyConnect Umbrella Roaming Security Module (HKLM-x32\...\{2926F2F0-E903-4A6D-910D-F2C8384D0106}) (Version: 4.10.07061 - Cisco Systems, Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.5.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{437102ED-22A2-4C3D-BA6B-E5ECAE798DFA}) (Version: 1.0.5.0 - DELL)
Discord (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Duplicate Cleaner Pro 5.0.0.13 (HKLM-x32\...\{CE197A4F-4776-436C-B9F0-2BD181F9DB2D}) (Version: 5.0.0.13 - DigitalVolcano Software Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{74DF895B-001F-456C-BEA4-9254A3FCC5E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.225 - Google LLC)
Google Password Manager (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\39e7c5a62bc7b95f9fc29cd7b8ffe463) (Version: 1.0 - Google\Chrome)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2218.2.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{72F03A9B-21C6-4599-95FC-FFB4D9B7F50C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{B9C358AF-2012-4BD3-A476-CAFB5761B5BC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME WMI Provider (HKLM\...\{96EC8F94-3894-4F08-8FEF-227E9F790FFC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{1bfc9e76-17dd-4b9e-a76e-467a1ded25f6}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Movavi Video Converter 22 Premium (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Movavi Video Converter 22 Premium) (Version: 22.5.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
MTG Arena (HKLM\...\{DE7C0930-E11E-431E-8175-00AB4C3BBF5A}) (Version: 0.1.4709 - Wizards of the Coast)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.57.330.2022 - Realtek)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.18362.20136 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\WinDirStat) (Version: - )
Windows PC Health Check (HKLM\...\{8B203035-EEAB-4F30-B65A-6F805463498A}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Workflows (HKLM-x32\...\{AF3D4DBD-B681-4938-A5E8-BFEB0B96FC47}) (Version: 3.5.3.0 - SirsiDynix)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-06] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-05-08] (Adobe Systems Incorporated)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2021-02-13] (Dell Inc)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-11] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2023-04-11] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.82.0_x64__htrsf667h5kn2 [2023-09-04] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-20] (Screenovate Technologies) [Startup Task]
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.5.23.0_x86__htrsf667h5kn2 [2022-04-03] (Dell Inc)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2021-11-08] (Fitbit)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft) [Startup Task]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-15] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2023-09-10] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-01-17] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-06] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-01-04] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1002.0_x64__rh07ty8m5nkag [2023-06-06] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-19] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-07-03] (Waves Audio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6BD50D928633} -> [Creative Cloud Files] => C:\Users\16025\Creative Cloud Files [2023-06-04 20:45]
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Public\Desktop\WorkFlows 3.5.3.0J.lnk -> C:\Program Files (x86)\Sirsi\JWF\wf.bat ()
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\edb1424df8e16855\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Brian (maricopa.edu) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\sharepoint.com -> hxxps://maricopa-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 02:14 - 2019-12-07 02:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\Control Panel\Desktop\\Wallpaper -> D:\Brians\Pictures From Desktop\vader.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C3BF07E3-05AA-4E5F-B84E-7154166C89A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{81F8411B-7F23-4E17-896A-A96E053F693A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5D2FE62-146C-45D5-891E-43D1EC64848D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E37DD3A-931E-43A2-A8BF-D7A5CF4BB681}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4323B50-6E4E-45C7-A9A7-EA458825234D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4222E967-1A82-460C-A53D-5558533D87D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5422D858-1796-4BD7-94E1-6DD674EF8C99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12F73319-621C-4FD8-B9BB-B21B76F05A3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D551FA7-B7C5-443C-8462-22421F2ADD1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2EBB2F36-DBE2-46B0-BD6F-F883645C6663}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11372EC3-61F6-4DFB-B608-EC872DDD3A74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F2EF9FA-0EC8-4B81-BACA-6C250D43EB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07FD13BA-1969-44BA-8BF7-1FB652E587A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{189907FA-C2F7-4C60-8608-F3887D2AA71A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{82024C3A-EC0B-46C3-8C0C-FAFA9DC5ECB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{32317D73-121C-4C57-A260-A63AE1F4D25C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7D356C1-FF99-4F37-838F-32D482EB0124}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3D0E5D0A-304A-4177-A9F4-AB496BBE2312}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13ADA7DF-ADC5-48A2-856E-C6663F6B7068}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CD6E298-2FF8-4B50-974D-70D6A24330FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9DCD9ED-65F0-4C87-84AE-248635AE92D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6621CDF6-665B-4CC8-AD78-46578B7850D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5F5B1709-43F1-4E78-BA32-28775607CF0F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{4E97C4A6-201F-4635-BB1F-8FFB724C780A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{48CFC94B-E338-4076-A4D3-9409B7EF2FDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{52B64DC5-728D-4E40-A06D-DC288B43C39F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CAB2D9CE-22EA-433C-864C-D0926A781C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BFF690CB-0036-429A-A6B3-B9DCFD24650D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BD5DBA4-A964-4CA4-85D2-B0ADC63098E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{AA56A301-BD3E-4207-8300-74774E27848D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{F46D111F-68E8-46CF-9405-A37B9E1A3836}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{D0420F23-21BA-4D15-A05B-3DA5EBFAD75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{12B5C1D4-BC48-433C-BF59-58468B1DA4A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{43F0288C-F8AB-4A37-8F6D-3F3819756B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{40A0A6C2-197E-468E-B712-8F23D47E762F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BFA3588-65CB-46A7-A6BB-FBE55EC75F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{55089440-F64F-4B0C-8477-DEE524B7023E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5D775C17-0C42-406D-B270-7071C0BDBD4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E3EC6E04-5DC5-4B33-9EEA-C75FE2686664}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9325EB9D-D6CD-4210-9859-22195A70813A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{895CCF5C-C9E8-4B8C-9502-B80D719D4FA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CABBB39D-60C7-405D-91EA-260A0FD577D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A71EB80E-8A5C-4387-B236-D331B56888B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6452BFB4-80DB-4232-9FBF-02F19F6045A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42E7A6D-D741-4415-B788-4C839433670C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EDB7C10-8BCC-4B17-953E-FFD19A637D31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{473E0458-DCDC-42FF-A081-EDDEE660D429}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F40E0194-4821-430A-ACEA-23E437274498}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C6669722-CF00-41A6-9447-1279987DC57B}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [UDP Query User{B79B0439-418B-4C8F-BFF0-2B13460664B7}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [{71422814-10D4-407D-8334-9D6529788843}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4A224DE9-59FF-47C4-85E0-47232EB3331B}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{303BFB9A-2551-45AF-A880-85A1525C6D72}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [UDP Query User{A61BAAC4-9438-420C-9D93-FF47AB775F52}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [{A2BEE282-3390-456A-ADCD-A162F2460783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{EE82E217-D7CE-4B2B-A0D4-534773D759EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{C1518516-EEB7-43E1-A0D8-B53288BD2CC6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46823346-3ECB-4860-A663-D68E596FF73F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{518B65B1-9C5E-476D-83F0-C09B171127C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5886DBF-4EC1-41A1-9522-206D6C599AF4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E172EA93-70A7-4532-90FA-571B51D90ADB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36CFABD2-F8C0-4A2E-A0B7-6C7AC4A775F3}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AF3632C-3137-47A9-8C30-E8C4441D7FCB}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39A15BA8-B782-4653-BEAC-DD6114D43AA8}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{457AAC12-CDD2-4C7E-911E-2A77A9F1702A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42B9CC6A-0055-4A8A-8F3A-0CFE075DEB4A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D105275-6688-4FCD-8A6C-0CC0F2656CFF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1261E740-0EC3-4759-8428-B87830339A39}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA9ADF6C-FDA4-4A3B-87B7-2EA668EDC3CF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EFE338FD-97C2-44E2-AD50-09AC93847FF5}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF71BDFB-26F3-4D7B-8CE3-AC98A553B543}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B8233A0-CFC5-424E-9F6E-D7BC1D6C2E1C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5FCA6867-CA02-486C-87E8-B4031C53EEF9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:220.87 GB) (Free:88.51 GB) (40%)
==================== Faulty Device Manager Devices ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/24/2024 10:07:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: db0
Start Time: 01da4f4984627992
Termination Time: 5
Application Path: C:\Windows\System32\svchost.exe
Report Id: 999f5a14-a4f3-4e52-9100-0d3c6dcede5b
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-thread
Error: (01/24/2024 10:05:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 122.0.0.8783 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2210
Start Time: 01da4f4a178871e8
Termination Time: 18
Application Path: C:\Program Files\Mozilla Firefox\firefox.exe
Report Id: 17b2369d-906e-4947-8400-ba153a919e9e
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (01/24/2024 10:04:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: db0
Start Time: 01da4f4984627992
Termination Time: 4294967295
Application Path: C:\Windows\System32\svchost.exe
Report Id: fe49c191-73dc-4e5e-840f-34612f9bba2c
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (01/24/2024 09:49:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (01/23/2024 10:16:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}
Error: (01/23/2024 10:15:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}
Error: (01/23/2024 09:39:34 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (01/23/2024 09:15:07 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (01/24/2024 10:12:37 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (01/24/2024 10:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/24/2024 10:07:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (01/24/2024 09:59:12 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (01/24/2024 09:49:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.
Windows Defender:
================
Date: 2024-01-23 22:00:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-01-23 21:55:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-01-21 23:03:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-18 16:27:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-18 16:22:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2024-01-24 22:12:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-01-24 22:10:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.23.1 10/02/2023
Motherboard: Dell Inc. 0H1TR9
Processor: 11th Gen Intel® Core i5-1135G7 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 11919.49 MB
Available physical RAM: 4433.3 MB
Total Virtual: 13711.49 MB
Available Virtual: 5371.97 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.87 GB) (Free:88.51 GB) (Model: PM991 NVMe Samsung 256GB) (Protected) NTFS
Drive d: (Storage) (Fixed) (Total:931.39 GB) (Free:450.24 GB) (Model: WDC WD10SPZX-75Z10T3) (Protected) NTFS
\\?\Volume{684c3d4a-c862-4581-a7b4-5c97cdda73b3}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.37 GB) NTFS
\\?\Volume{c15026fd-1126-46cb-a6a3-f4940b3c8da0}\ (Image) (Fixed) (Total:14.8 GB) (Free:0.15 GB) NTFS
\\?\Volume{512529dc-bb46-4392-a04b-7d2df97f1506}\ (DELLSUPPORT) (Fixed) (Total:1.55 GB) (Free:0.72 GB) NTFS
\\?\Volume{54456a02-9c41-463b-98ce-88879010ba53}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EDF168EC)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: EDF168D5)
Partition: GPT.
==================== End of Addition.txt =======================