Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win 10 Computer running slow after running fine

Started by BrianR1976 , Jan 24 2024 11:22 PM

  • Please log in to reply

#1
BrianR1976
Posted 24 January 2024 - 11:22 PM

BrianR1976

    Member

  • Member
  • PipPipPip
  • 355 posts

Hi.

 

My computer is relatively new (less than 2 years) and it's finally starting to show a little age. It runs slower than it did. And tonight the sound stopped working. A reboot fixed it but it's an issue that happened. I figure its time I do a good deep clean on it. I run Windows Defender, Avast, and CCleaner semi regularly and they never really turn up anything bad but I figure I should ask people who actually know what they are doing if there is anything I can do to make it run smoother?

 

Thanks in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.01.2024
Ran by 16025 (administrator) on DELL-AWARE (Dell Inc. Inspiron 5400 AIO) (24-01-2024 22:17:15)
Running from C:\Users\16025\OneDrive\Desktop\FRST64.exe
Loaded Profiles: 16025
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\dnscryptproxy.exe <2>
(C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_07bea76bdbdaf3eb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4723f3bb6233afc3\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe [1591680 2022-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [417176 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\16025\AppData\Local\Microsoft\Teams\Update.exe [2452112 2021-02-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044568 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-21] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Amazon Music Helper] => "C:\Users\16025\AppData\Local\Amazon Music\Amazon Music Helper.exe" (No File)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [MicrosoftEdgeAutoLaunch_4E4EB74741524C98ED0A45FD6E827AD7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {5bf33d98-6ff9-11eb-b00b-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d3047084-7728-11eb-b00c-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d5c0f209-6f33-11eb-b00a-683e26e9b8e3} - "E:\EasySuite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
Startup: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2022-05-08]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17AB4F61-C88E-4CCA-B5B8-D1BB5295864C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {BBDDF1FD-3782-46E6-958B-C251496687E8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AF9BE179-CD81-4946-B2BF-AFDE2069C306} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-09-21] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {66D2FB44-D519-4313-91EA-E5AB719047E8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5094808 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {3E9A9189-13A5-424D-B332-E516D38AA5DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {F623DD7D-AF14-402E-839E-117974B793A8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {996B169E-B566-4758-A784-D877B6E2CFFD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "5865714b-f283-48da-9b31-f7a77d5b087d" --version "6.20.10897" --silent
Task: {65E04514-FBB8-42C1-8E15-3E527CAED211} - System32\Tasks\CCleanerSkipUAC - 16025 => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5036B7B4-DC7A-4D74-96D1-E890A889AB66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {F015F0D2-9A9A-49F6-A172-C9FFF46B17CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {079ECA76-7D4B-45B3-87FC-1C083C32EEF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {75C214A0-955B-4075-85D3-EEC27F2E31C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A8E108D-DF13-46E6-941E-4E1FD5587D8A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E231E93-1B66-4376-B075-B0B0580EF9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8086C973-FA44-46D7-B852-744F0C68B25A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {620E2F3E-3775-4AFC-9AC6-4A811CB795CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72604199-4F49-4326-8DF6-5AB1670617A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C14D8CDE-07FA-4347-B97F-DEFEBFF5BF1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5FB46FF-E8D3-4E4A-A287-EE02A734291C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA030596-5AAF-43F5-B0B1-029833343440} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B58B3802-0A84-40BD-ADA8-6FB80F83362A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {26AB275B-20AC-4857-9465-B03B20865925} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\05968756C6F543137393: [DhcpNameServer] 192.168.172.115
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D253548333: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D264531413: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\4427455656478653: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-24]
Edge Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
Edge Extension: (Edge relevant text changes) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]

FireFox:
========
FF DefaultProfile: xtqbi6nr.default
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\xtqbi6nr.default [2021-02-13]
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release [2024-01-24]
FF Homepage: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://gameflip.com
FF Extension: (AdBlocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2023-11-29]
FF Extension: (uBlock Origin) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2024-01-09]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-10]
FF Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2023-12-21]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2024-01-16]
FF Extension: (Popup Blocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2023-11-07]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-14]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default [2024-01-24]
CHR Extension: (uBlock Origin) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-15]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-16]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-24]
CHR Extension: (New XKit) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2021-02-13] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
CHR Extension: (GIFit!) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoojcphcmgcplkpckkjpdlloooifgec [2021-02-13]
CHR Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-01-24]
CHR Extension: (Fluff Busting Purity) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2024-01-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-17]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-17]
CHR DownloadDir: D:\Downloads
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-14]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-24]
CHR HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acswgagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acswgagent.exe [752280 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R3 acumbrellaagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe [560792 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9065880 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [753048 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2335128 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1157528 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
R2 Dell WMI Service; C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe [118784 2021-02-23] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe [532000 2022-06-13] (Intel Corporation -> Intel)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [310216 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243136 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [26616 2023-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [282624 2023-08-10] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-14] (Microsoft Corporation) [File not signed]
R3 dc3d; C:\Windows\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_566db4e95fcf6757\IntcUSB.sys [891944 2022-06-13] (Intel Corporation -> Intel® Corporation)
S3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_c08af0e43cbc91c3\gna.sys [83856 2020-08-04] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-24 22:17 - 2024-01-24 22:17 - 002389504 _____ (Farbar) C:\Users\16025\OneDrive\Desktop\FRST64.exe
2024-01-24 22:17 - 2024-01-24 22:17 - 000031813 _____ C:\Users\16025\OneDrive\Desktop\FRST.txt
2024-01-24 22:17 - 2024-01-24 22:17 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\FRST-OlderVersion
2024-01-24 22:16 - 2024-01-24 22:17 - 000000000 ____D C:\FRST
2024-01-24 22:08 - 2024-01-24 22:08 - 000000283 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-01-17 22:12 - 2024-01-18 21:55 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-01-17 22:12 - 2024-01-17 22:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-01-17 22:12 - 2024-01-17 22:12 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-01-16 23:01 - 2024-01-16 23:01 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 23:01 - 2024-01-16 23:01 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-15 21:47 - 2024-01-16 23:00 - 000000000 ____D C:\Users\16025\AppData\Local\Adobe
2024-01-14 22:27 - 2024-01-14 22:59 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Pipboy
2024-01-14 12:57 - 2024-01-14 12:57 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 23:48 - 2024-01-12 23:48 - 000645729 _____ (WDS Team) C:\Users\16025\Downloads\windirstat1_1_2_setup (1).exe
2024-01-12 23:48 - 2024-01-12 23:48 - 000001116 _____ C:\Users\16025\OneDrive\Desktop\WinDirStat.lnk
2024-01-10 22:23 - 2024-01-10 22:24 - 000000000 ___HD C:\$WinREAgent
2024-01-04 21:09 - 2024-01-04 21:13 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Desktop Papers
2023-12-29 23:32 - 2023-12-29 23:32 - 000035503 _____ C:\Users\16025\Downloads\2023_12_29_23_32_43.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-24 22:16 - 2021-01-17 02:57 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-24 22:16 - 2019-12-07 02:13 - 000000000 ____D C:\Windows\INF
2024-01-24 22:12 - 2021-12-16 00:05 - 000000000 ____D C:\Windows\SystemTemp
2024-01-24 22:12 - 2021-02-13 13:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-24 22:11 - 2022-02-09 20:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-24 22:10 - 2021-09-19 23:27 - 000000000 ____D C:\Program Files\CCleaner
2024-01-24 22:10 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-24 22:09 - 2023-12-21 22:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-24 22:09 - 2021-10-01 10:53 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-24 22:09 - 2021-02-19 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-24 22:09 - 2021-02-13 13:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-24 22:09 - 2021-02-13 12:49 - 000000000 __SHD C:\Users\16025\IntelGraphicsProfiles
2024-01-24 22:09 - 2021-01-17 03:01 - 000000000 ____D C:\Intel
2024-01-24 22:09 - 2021-01-17 02:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-24 22:09 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-24 22:09 - 2019-12-07 02:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-24 21:50 - 2021-02-13 13:12 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-24 21:50 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-24 21:49 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-23 23:14 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Roaming\discord
2024-01-23 23:12 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Local\Discord
2024-01-23 22:00 - 2021-02-13 22:57 - 000000000 ____D C:\Users\16025\AppData\Local\D3DSCache
2024-01-21 23:33 - 2021-02-27 18:29 - 000037997 _____ C:\Users\16025\OneDrive\Desktop\Bills.xlsx
2024-01-19 16:43 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-19 16:33 - 2021-02-15 23:05 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-19 16:32 - 2019-12-07 02:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-01-19 16:27 - 2021-06-01 08:27 - 000000000 ____D C:\Users\16025\AppData\Local\Avast Software
2024-01-19 07:39 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-19 07:36 - 2021-02-13 13:01 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-17 22:18 - 2021-11-09 22:35 - 000000000 ____D C:\Users\16025\AppData\Local\CrashDumps
2024-01-17 22:18 - 2021-10-08 22:28 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-17 22:03 - 2021-01-17 02:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-14 23:35 - 2021-02-27 18:29 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Excel
2024-01-14 23:12 - 2021-02-16 22:59 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Word
2024-01-14 13:04 - 2019-12-07 02:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-14 12:57 - 2021-01-17 03:08 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 23:22 - 2021-10-15 00:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-10 22:11 - 2021-02-13 21:27 - 000001163 _____ C:\Users\16025\OneDrive\Desktop\pagingmrherman.txt
2024-01-10 21:47 - 2021-02-13 23:47 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 21:46 - 2021-02-13 23:47 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-08 23:29 - 2023-12-15 21:33 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-12-12 10:29 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-09-19 23:27 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - 16025
2024-01-08 23:29 - 2021-02-19 16:23 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-01-08 23:29 - 2021-02-13 13:00 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-08 23:29 - 2021-02-13 13:00 - 000003132 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-08 23:29 - 2021-01-17 02:59 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-01-08 23:29 - 2021-01-17 02:59 - 000003238 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-07 22:40 - 2021-10-08 22:29 - 000000000 ____D C:\Users\16025\AppData\Local\Steam
2024-01-03 22:06 - 2021-02-27 18:29 - 000004839 _____ C:\Users\16025\OneDrive\Desktop\bands to listen to.txt
2023-12-26 21:43 - 2021-02-13 12:49 - 000000000 ____D C:\Users\16025\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-02-14 16:01 - 2021-02-14 16:01 - 000000000 _____ () C:\Users\16025\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.01.2024
Ran by 16025 (24-01-2024 22:18:44)
Running from C:\Users\16025\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2021-02-13 21:39:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

16025 (S-1-5-21-3295701987-2196344191-1615095922-1001 - Administrator - Enabled) => C:\Users\16025
Administrator (S-1-5-21-3295701987-2196344191-1615095922-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3295701987-2196344191-1615095922-503 - Limited - Disabled)
Guest (S-1-5-21-3295701987-2196344191-1615095922-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3295701987-2196344191-1615095922-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_3) (Version: 12.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.49 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5) (Version: 23.5.0.669 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Amazon Amazon Music) (Version: 8.8.2.2305 - Amazon.com Services LLC)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.12.6094 - Avast Software)
Bitwarden (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.32.0 - Bitwarden Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
Canon Utilities EOS Network Setting Tool (HKLM-x32\...\EOS Network Setting Tool) (Version: 1.3.1.1 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.17.0.5 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.07061 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{11E16B39-0FA6-4DF0-9736-73BB638C9924}) (Version: 4.10.07061 - Cisco Systems, Inc.) Hidden
Cisco AnyConnect Umbrella Roaming Security Module (HKLM-x32\...\{2926F2F0-E903-4A6D-910D-F2C8384D0106}) (Version: 4.10.07061 - Cisco Systems, Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.5.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{437102ED-22A2-4C3D-BA6B-E5ECAE798DFA}) (Version: 1.0.5.0 - DELL)
Discord (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Duplicate Cleaner Pro 5.0.0.13 (HKLM-x32\...\{CE197A4F-4776-436C-B9F0-2BD181F9DB2D}) (Version: 5.0.0.13 - DigitalVolcano Software Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{74DF895B-001F-456C-BEA4-9254A3FCC5E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.225 - Google LLC)
Google Password Manager (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\39e7c5a62bc7b95f9fc29cd7b8ffe463) (Version: 1.0 - Google\Chrome)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2218.2.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{72F03A9B-21C6-4599-95FC-FFB4D9B7F50C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{B9C358AF-2012-4BD3-A476-CAFB5761B5BC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME WMI Provider (HKLM\...\{96EC8F94-3894-4F08-8FEF-227E9F790FFC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{1bfc9e76-17dd-4b9e-a76e-467a1ded25f6}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Movavi Video Converter 22 Premium (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Movavi Video Converter 22 Premium) (Version: 22.5.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
MTG Arena (HKLM\...\{DE7C0930-E11E-431E-8175-00AB4C3BBF5A}) (Version: 0.1.4709 - Wizards of the Coast)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.57.330.2022 - Realtek)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.18362.20136 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\WinDirStat) (Version:  - )
Windows PC Health Check (HKLM\...\{8B203035-EEAB-4F30-B65A-6F805463498A}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Workflows (HKLM-x32\...\{AF3D4DBD-B681-4938-A5E8-BFEB0B96FC47}) (Version: 3.5.3.0 - SirsiDynix)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-06] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-05-08] (Adobe Systems Incorporated)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2021-02-13] (Dell Inc)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-11] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2023-04-11] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.82.0_x64__htrsf667h5kn2 [2023-09-04] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-20] (Screenovate Technologies) [Startup Task]
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.5.23.0_x86__htrsf667h5kn2 [2022-04-03] (Dell Inc)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2021-11-08] (Fitbit)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft) [Startup Task]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-15] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2023-09-10] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-01-17] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-06] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-01-04] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1002.0_x64__rh07ty8m5nkag [2023-06-06] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-19] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-07-03] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6BD50D928633} -> [Creative Cloud Files] => C:\Users\16025\Creative Cloud Files [2023-06-04 20:45]
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\WorkFlows 3.5.3.0J.lnk -> C:\Program Files (x86)\Sirsi\JWF\wf.bat ()
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\edb1424df8e16855\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Brian (maricopa.edu) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\sharepoint.com -> hxxps://maricopa-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 02:14 - 2019-12-07 02:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\Control Panel\Desktop\\Wallpaper -> D:\Brians\Pictures From Desktop\vader.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3BF07E3-05AA-4E5F-B84E-7154166C89A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{81F8411B-7F23-4E17-896A-A96E053F693A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5D2FE62-146C-45D5-891E-43D1EC64848D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E37DD3A-931E-43A2-A8BF-D7A5CF4BB681}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4323B50-6E4E-45C7-A9A7-EA458825234D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4222E967-1A82-460C-A53D-5558533D87D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5422D858-1796-4BD7-94E1-6DD674EF8C99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12F73319-621C-4FD8-B9BB-B21B76F05A3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D551FA7-B7C5-443C-8462-22421F2ADD1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2EBB2F36-DBE2-46B0-BD6F-F883645C6663}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11372EC3-61F6-4DFB-B608-EC872DDD3A74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F2EF9FA-0EC8-4B81-BACA-6C250D43EB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07FD13BA-1969-44BA-8BF7-1FB652E587A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{189907FA-C2F7-4C60-8608-F3887D2AA71A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{82024C3A-EC0B-46C3-8C0C-FAFA9DC5ECB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{32317D73-121C-4C57-A260-A63AE1F4D25C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7D356C1-FF99-4F37-838F-32D482EB0124}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3D0E5D0A-304A-4177-A9F4-AB496BBE2312}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13ADA7DF-ADC5-48A2-856E-C6663F6B7068}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CD6E298-2FF8-4B50-974D-70D6A24330FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9DCD9ED-65F0-4C87-84AE-248635AE92D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6621CDF6-665B-4CC8-AD78-46578B7850D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5F5B1709-43F1-4E78-BA32-28775607CF0F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{4E97C4A6-201F-4635-BB1F-8FFB724C780A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{48CFC94B-E338-4076-A4D3-9409B7EF2FDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{52B64DC5-728D-4E40-A06D-DC288B43C39F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CAB2D9CE-22EA-433C-864C-D0926A781C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BFF690CB-0036-429A-A6B3-B9DCFD24650D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BD5DBA4-A964-4CA4-85D2-B0ADC63098E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{AA56A301-BD3E-4207-8300-74774E27848D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{F46D111F-68E8-46CF-9405-A37B9E1A3836}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{D0420F23-21BA-4D15-A05B-3DA5EBFAD75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{12B5C1D4-BC48-433C-BF59-58468B1DA4A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{43F0288C-F8AB-4A37-8F6D-3F3819756B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{40A0A6C2-197E-468E-B712-8F23D47E762F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BFA3588-65CB-46A7-A6BB-FBE55EC75F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{55089440-F64F-4B0C-8477-DEE524B7023E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5D775C17-0C42-406D-B270-7071C0BDBD4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E3EC6E04-5DC5-4B33-9EEA-C75FE2686664}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9325EB9D-D6CD-4210-9859-22195A70813A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{895CCF5C-C9E8-4B8C-9502-B80D719D4FA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CABBB39D-60C7-405D-91EA-260A0FD577D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A71EB80E-8A5C-4387-B236-D331B56888B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6452BFB4-80DB-4232-9FBF-02F19F6045A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42E7A6D-D741-4415-B788-4C839433670C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EDB7C10-8BCC-4B17-953E-FFD19A637D31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{473E0458-DCDC-42FF-A081-EDDEE660D429}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F40E0194-4821-430A-ACEA-23E437274498}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C6669722-CF00-41A6-9447-1279987DC57B}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [UDP Query User{B79B0439-418B-4C8F-BFF0-2B13460664B7}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [{71422814-10D4-407D-8334-9D6529788843}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4A224DE9-59FF-47C4-85E0-47232EB3331B}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{303BFB9A-2551-45AF-A880-85A1525C6D72}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [UDP Query User{A61BAAC4-9438-420C-9D93-FF47AB775F52}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [{A2BEE282-3390-456A-ADCD-A162F2460783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{EE82E217-D7CE-4B2B-A0D4-534773D759EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{C1518516-EEB7-43E1-A0D8-B53288BD2CC6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46823346-3ECB-4860-A663-D68E596FF73F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{518B65B1-9C5E-476D-83F0-C09B171127C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5886DBF-4EC1-41A1-9522-206D6C599AF4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E172EA93-70A7-4532-90FA-571B51D90ADB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36CFABD2-F8C0-4A2E-A0B7-6C7AC4A775F3}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AF3632C-3137-47A9-8C30-E8C4441D7FCB}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39A15BA8-B782-4653-BEAC-DD6114D43AA8}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{457AAC12-CDD2-4C7E-911E-2A77A9F1702A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42B9CC6A-0055-4A8A-8F3A-0CFE075DEB4A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D105275-6688-4FCD-8A6C-0CC0F2656CFF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1261E740-0EC3-4759-8428-B87830339A39}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA9ADF6C-FDA4-4A3B-87B7-2EA668EDC3CF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EFE338FD-97C2-44E2-AD50-09AC93847FF5}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF71BDFB-26F3-4D7B-8CE3-AC98A553B543}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B8233A0-CFC5-424E-9F6E-D7BC1D6C2E1C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5FCA6867-CA02-486C-87E8-B4031C53EEF9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:220.87 GB) (Free:88.51 GB) (40%)

==================== Faulty Device Manager Devices ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2024 10:07:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: db0

Start Time: 01da4f4984627992

Termination Time: 5

Application Path: C:\Windows\System32\svchost.exe

Report Id: 999f5a14-a4f3-4e52-9100-0d3c6dcede5b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (01/24/2024 10:05:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 122.0.0.8783 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2210

Start Time: 01da4f4a178871e8

Termination Time: 18

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 17b2369d-906e-4947-8400-ba153a919e9e

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/24/2024 10:04:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: db0

Start Time: 01da4f4984627992

Termination Time: 4294967295

Application Path: C:\Windows\System32\svchost.exe

Report Id: fe49c191-73dc-4e5e-840f-34612f9bba2c

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/24/2024 09:49:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/23/2024 10:16:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}

Error: (01/23/2024 10:15:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}

Error: (01/23/2024 09:39:34 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/23/2024 09:15:07 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (01/24/2024 10:12:37 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (01/24/2024 10:07:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/24/2024 09:59:12 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 09:49:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.


Windows Defender:
================
Date: 2024-01-23 22:00:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-01-23 21:55:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-01-21 23:03:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-18 16:27:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-18 16:22:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2024-01-24 22:12:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-01-24 22:10:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.23.1 10/02/2023
Motherboard: Dell Inc. 0H1TR9
Processor: 11th Gen Intel® Core™ i5-1135G7 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 11919.49 MB
Available physical RAM: 4433.3 MB
Total Virtual: 13711.49 MB
Available Virtual: 5371.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.87 GB) (Free:88.51 GB) (Model: PM991 NVMe Samsung 256GB) (Protected) NTFS
Drive d: (Storage) (Fixed) (Total:931.39 GB) (Free:450.24 GB) (Model: WDC WD10SPZX-75Z10T3) (Protected) NTFS

\\?\Volume{684c3d4a-c862-4581-a7b4-5c97cdda73b3}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.37 GB) NTFS
\\?\Volume{c15026fd-1126-46cb-a6a3-f4940b3c8da0}\ (Image) (Fixed) (Total:14.8 GB) (Free:0.15 GB) NTFS
\\?\Volume{512529dc-bb46-4392-a04b-7d2df97f1506}\ (DELLSUPPORT) (Fixed) (Total:1.55 GB) (Free:0.72 GB) NTFS
\\?\Volume{54456a02-9c41-463b-98ce-88879010ba53}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EDF168EC)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: EDF168D5)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

Advertisements

#2
RKinner
Posted 25 January 2024 - 08:19 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Multiple replies are OK.  Best to post a log as you get it.

 

I don't see anything obvious but you do have a lot of odd errors.  Let's check your system files with a fixlist.  Normally takes about 35 minutes to complete but on a super slow system will time out after 1 hour.  Be patient:

 

 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   414bytes   44 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
Go to Settings, Update & Security.  See if you have a 22H2 update pending or installing.  This update is causing a lot of grief because on some systems it will not install and keeps trying to install and then has to back out the changes.  This slows things down and causes the PC to overheat.  If you see 22H2 you can try to install it and then after the reboot look again and see if it is still on the pending list.  If so Click on Pause updates for 7 days and see if that helps with the speed problem.
 
Let's look and see if something else is eating the CPU:
 
 
Get Process Explorer
 
 
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users 
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
Let's check your hard drive for errors:
 
CrystalDiskInfo:
 
 
 
 
 
 
Scroll down a bit and you will see a picture of a black window with Samsung SSD in it.  Underneath the black window 
is a button that says Vista+.  That's the button you need to use to download the installer.  
Save the file then go to the download folder and right click on the file and run as admin.  
The program will install and then start up.   Once it reads the drives you just hit File then Save Text.  
Save the file to your desktop and then attach it or open it then copy and paste the text to a reply.  
 
Let's check for a bad driver:
 
Latency Monitor:
 
Go to
 
 
Scroll down to
 
System Monitoring Tools
 
and then find
 
LatencyMon 7.0 (or it may be a higher number if they update)
 
Click on Download free home edition
 
Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it. 
 
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  
 
 
Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it. 
 
To attach a file:
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
Only files with .txt, .jpg or .zip are allowed.
 
Since you have Avast have you already run a boot-time scan?  If not:
 
Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Wait for it to finish.  Click on Run on Next PC Reboot.
 
  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   
 
When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:
 
 
Copy and paste the text from the log to a Reply when done.
 
If you have already run a boot-time scan and you want a second opinion the ESET free online scan is worthwhile but will take an hour or so:
Click on One Time Scan
Save the file then go to your download folder and right click and Run as Admin.
Follow the instructions. (allow it to quarantine anything it finds)  When it finishes it will tell you if it found anything.
 
 
 
 
 
 
 
 
 

  • 0

#3
BrianR1976
Posted 25 January 2024 - 06:44 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.01.2024
Ran by 16025 (administrator) on DELL-AWARE (Dell Inc. Inspiron 5400 AIO) (24-01-2024 22:17:15)
Running from C:\Users\16025\OneDrive\Desktop\FRST64.exe
Loaded Profiles: 16025
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\dnscryptproxy.exe <2>
(C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\MediaButtons.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7169f6c0c719018\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_07bea76bdbdaf3eb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4723f3bb6233afc3\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe [1591680 2022-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [417176 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\16025\AppData\Local\Microsoft\Teams\Update.exe [2452112 2021-02-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044568 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-21] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Amazon Music Helper] => "C:\Users\16025\AppData\Local\Amazon Music\Amazon Music Helper.exe" (No File)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Run: [MicrosoftEdgeAutoLaunch_4E4EB74741524C98ED0A45FD6E827AD7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {5bf33d98-6ff9-11eb-b00b-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d3047084-7728-11eb-b00c-683e26e9b8e3} - "E:\EasySuite.exe"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\MountPoints2: {d5c0f209-6f33-11eb-b00a-683e26e9b8e3} - "E:\EasySuite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
Startup: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2022-05-08]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17AB4F61-C88E-4CCA-B5B8-D1BB5295864C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {BBDDF1FD-3782-46E6-958B-C251496687E8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AF9BE179-CD81-4946-B2BF-AFDE2069C306} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-09-21] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {66D2FB44-D519-4313-91EA-E5AB719047E8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5094808 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {3E9A9189-13A5-424D-B332-E516D38AA5DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {F623DD7D-AF14-402E-839E-117974B793A8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {996B169E-B566-4758-A784-D877B6E2CFFD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "5865714b-f283-48da-9b31-f7a77d5b087d" --version "6.20.10897" --silent
Task: {65E04514-FBB8-42C1-8E15-3E527CAED211} - System32\Tasks\CCleanerSkipUAC - 16025 => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5036B7B4-DC7A-4D74-96D1-E890A889AB66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {F015F0D2-9A9A-49F6-A172-C9FFF46B17CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-13] (Google LLC -> Google LLC)
Task: {079ECA76-7D4B-45B3-87FC-1C083C32EEF2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {75C214A0-955B-4075-85D3-EEC27F2E31C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A8E108D-DF13-46E6-941E-4E1FD5587D8A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E231E93-1B66-4376-B075-B0B0580EF9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8086C973-FA44-46D7-B852-744F0C68B25A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {620E2F3E-3775-4AFC-9AC6-4A811CB795CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72604199-4F49-4326-8DF6-5AB1670617A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C14D8CDE-07FA-4347-B97F-DEFEBFF5BF1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5FB46FF-E8D3-4E4A-A287-EE02A734291C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA030596-5AAF-43F5-B0B1-029833343440} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-01-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B58B3802-0A84-40BD-ADA8-6FB80F83362A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {26AB275B-20AC-4857-9465-B03B20865925} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\05968756C6F543137393: [DhcpNameServer] 192.168.172.115
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D253548333: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\3554455505D264531413: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f5ce493f-8ee0-4d83-9848-2d24100d63ea}\4427455656478653: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-24]
Edge Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
Edge Extension: (Edge relevant text changes) - C:\Users\16025\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]

FireFox:
========
FF DefaultProfile: xtqbi6nr.default
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\xtqbi6nr.default [2021-02-13]
FF ProfilePath: C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release [2024-01-24]
FF Homepage: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\o1xe5kkf.default-release -> hxxps://gameflip.com
FF Extension: (AdBlocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2023-11-29]
FF Extension: (uBlock Origin) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\[email protected] [2024-01-09]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-10]
FF Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2023-12-21]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2024-01-16]
FF Extension: (Popup Blocker Ultimate) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2023-11-07]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\16025\AppData\Roaming\Mozilla\Firefox\Profiles\o1xe5kkf.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-14]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-21] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default [2024-01-24]
CHR Extension: (uBlock Origin) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-15]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-16]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-24]
CHR Extension: (New XKit) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2021-02-13] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
CHR Extension: (GIFit!) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoojcphcmgcplkpckkjpdlloooifgec [2021-02-13]
CHR Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-01-24]
CHR Extension: (Fluff Busting Purity) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2024-01-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-17]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-17]
CHR DownloadDir: D:\Downloads
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\16025\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-14]
CHR Profile: C:\Users\16025\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-24]
CHR HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acswgagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acswgagent.exe [752280 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R3 acumbrellaagent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acumbrellaagent.exe [560792 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9065880 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [753048 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2335128 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1157528 2023-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
R2 Dell WMI Service; C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe [118784 2021-02-23] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\AS\IAS\IntelAudioService.exe [532000 2022-06-13] (Intel Corporation -> Intel)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acsock; C:\Windows\system32\DRIVERS\acsock64.sys [310216 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243136 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [26616 2023-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [282624 2023-08-10] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-14] (Microsoft Corporation) [File not signed]
R3 dc3d; C:\Windows\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_566db4e95fcf6757\IntcUSB.sys [891944 2022-06-13] (Intel Corporation -> Intel® Corporation)
S3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_c08af0e43cbc91c3\gna.sys [83856 2020-08-04] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S3 ScrHIDDriver3; C:\Windows\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74064 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-24 22:17 - 2024-01-24 22:17 - 002389504 _____ (Farbar) C:\Users\16025\OneDrive\Desktop\FRST64.exe
2024-01-24 22:17 - 2024-01-24 22:17 - 000031813 _____ C:\Users\16025\OneDrive\Desktop\FRST.txt
2024-01-24 22:17 - 2024-01-24 22:17 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\FRST-OlderVersion
2024-01-24 22:16 - 2024-01-24 22:17 - 000000000 ____D C:\FRST
2024-01-24 22:08 - 2024-01-24 22:08 - 000000283 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-01-17 22:12 - 2024-01-18 21:55 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-01-17 22:12 - 2024-01-17 22:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-01-17 22:12 - 2024-01-17 22:12 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-01-16 23:01 - 2024-01-16 23:01 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 23:01 - 2024-01-16 23:01 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-15 21:47 - 2024-01-16 23:00 - 000000000 ____D C:\Users\16025\AppData\Local\Adobe
2024-01-14 22:27 - 2024-01-14 22:59 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Pipboy
2024-01-14 12:57 - 2024-01-14 12:57 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-12 23:48 - 2024-01-12 23:48 - 000645729 _____ (WDS Team) C:\Users\16025\Downloads\windirstat1_1_2_setup (1).exe
2024-01-12 23:48 - 2024-01-12 23:48 - 000001116 _____ C:\Users\16025\OneDrive\Desktop\WinDirStat.lnk
2024-01-10 22:23 - 2024-01-10 22:24 - 000000000 ___HD C:\$WinREAgent
2024-01-04 21:09 - 2024-01-04 21:13 - 000000000 ____D C:\Users\16025\OneDrive\Desktop\Desktop Papers
2023-12-29 23:32 - 2023-12-29 23:32 - 000035503 _____ C:\Users\16025\Downloads\2023_12_29_23_32_43.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-24 22:16 - 2021-01-17 02:57 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-24 22:16 - 2019-12-07 02:13 - 000000000 ____D C:\Windows\INF
2024-01-24 22:12 - 2021-12-16 00:05 - 000000000 ____D C:\Windows\SystemTemp
2024-01-24 22:12 - 2021-02-13 13:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-24 22:11 - 2022-02-09 20:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-24 22:10 - 2021-09-19 23:27 - 000000000 ____D C:\Program Files\CCleaner
2024-01-24 22:10 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-24 22:09 - 2023-12-21 22:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-24 22:09 - 2021-10-01 10:53 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-24 22:09 - 2021-02-19 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-24 22:09 - 2021-02-13 13:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-24 22:09 - 2021-02-13 12:49 - 000000000 __SHD C:\Users\16025\IntelGraphicsProfiles
2024-01-24 22:09 - 2021-01-17 03:01 - 000000000 ____D C:\Intel
2024-01-24 22:09 - 2021-01-17 02:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-24 22:09 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-24 22:09 - 2019-12-07 02:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-24 21:50 - 2021-02-13 13:12 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-24 21:50 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-24 21:49 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-23 23:14 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Roaming\discord
2024-01-23 23:12 - 2021-11-16 14:40 - 000000000 ____D C:\Users\16025\AppData\Local\Discord
2024-01-23 22:00 - 2021-02-13 22:57 - 000000000 ____D C:\Users\16025\AppData\Local\D3DSCache
2024-01-21 23:33 - 2021-02-27 18:29 - 000037997 _____ C:\Users\16025\OneDrive\Desktop\Bills.xlsx
2024-01-19 16:43 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-19 16:33 - 2021-02-15 23:05 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-19 16:32 - 2019-12-07 02:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-01-19 16:27 - 2021-06-01 08:27 - 000000000 ____D C:\Users\16025\AppData\Local\Avast Software
2024-01-19 07:39 - 2021-01-17 02:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-19 07:36 - 2021-02-13 13:01 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-17 22:18 - 2021-11-09 22:35 - 000000000 ____D C:\Users\16025\AppData\Local\CrashDumps
2024-01-17 22:18 - 2021-10-08 22:28 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-17 22:03 - 2021-01-17 02:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-14 23:35 - 2021-02-27 18:29 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Excel
2024-01-14 23:12 - 2021-02-16 22:59 - 000000000 ____D C:\Users\16025\AppData\Roaming\Microsoft\Word
2024-01-14 13:04 - 2019-12-07 02:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-14 12:57 - 2021-01-17 03:08 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 23:22 - 2021-10-15 00:09 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-10 23:21 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-10 22:11 - 2021-02-13 21:27 - 000001163 _____ C:\Users\16025\OneDrive\Desktop\pagingmrherman.txt
2024-01-10 21:47 - 2021-02-13 23:47 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 21:46 - 2021-02-13 23:47 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-08 23:29 - 2023-12-15 21:33 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-12-12 10:29 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3295701987-2196344191-1615095922-1001
2024-01-08 23:29 - 2021-09-19 23:27 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - 16025
2024-01-08 23:29 - 2021-02-19 16:23 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-01-08 23:29 - 2021-02-13 13:00 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-08 23:29 - 2021-02-13 13:00 - 000003132 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-08 23:29 - 2021-01-17 02:59 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-01-08 23:29 - 2021-01-17 02:59 - 000003238 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-07 22:40 - 2021-10-08 22:29 - 000000000 ____D C:\Users\16025\AppData\Local\Steam
2024-01-03 22:06 - 2021-02-27 18:29 - 000004839 _____ C:\Users\16025\OneDrive\Desktop\bands to listen to.txt
2023-12-26 21:43 - 2021-02-13 12:49 - 000000000 ____D C:\Users\16025\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-02-14 16:01 - 2021-02-14 16:01 - 000000000 _____ () C:\Users\16025\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#4
BrianR1976
Posted 25 January 2024 - 06:44 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.01.2024
Ran by 16025 (24-01-2024 22:18:44)
Running from C:\Users\16025\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2021-02-13 21:39:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

16025 (S-1-5-21-3295701987-2196344191-1615095922-1001 - Administrator - Enabled) => C:\Users\16025
Administrator (S-1-5-21-3295701987-2196344191-1615095922-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3295701987-2196344191-1615095922-503 - Limited - Disabled)
Guest (S-1-5-21-3295701987-2196344191-1615095922-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3295701987-2196344191-1615095922-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe Bridge 2022 (HKLM-x32\...\KBRG_12_0_3) (Version: 12.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.49 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5) (Version: 23.5.0.669 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Amazon Amazon Music) (Version: 8.8.2.2305 - Amazon.com Services LLC)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.12.6094 - Avast Software)
Bitwarden (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.32.0 - Bitwarden Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
Canon Utilities EOS Network Setting Tool (HKLM-x32\...\EOS Network Setting Tool) (Version: 1.3.1.1 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.17.0.5 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.17.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.07061 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{11E16B39-0FA6-4DF0-9736-73BB638C9924}) (Version: 4.10.07061 - Cisco Systems, Inc.) Hidden
Cisco AnyConnect Umbrella Roaming Security Module (HKLM-x32\...\{2926F2F0-E903-4A6D-910D-F2C8384D0106}) (Version: 4.10.07061 - Cisco Systems, Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.5.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{437102ED-22A2-4C3D-BA6B-E5ECAE798DFA}) (Version: 1.0.5.0 - DELL)
Discord (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Duplicate Cleaner Pro 5.0.0.13 (HKLM-x32\...\{CE197A4F-4776-436C-B9F0-2BD181F9DB2D}) (Version: 5.0.0.13 - DigitalVolcano Software Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{74DF895B-001F-456C-BEA4-9254A3FCC5E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.225 - Google LLC)
Google Password Manager (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\39e7c5a62bc7b95f9fc29cd7b8ffe463) (Version: 1.0 - Google\Chrome)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2218.2.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{72F03A9B-21C6-4599-95FC-FFB4D9B7F50C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{B9C358AF-2012-4BD3-A476-CAFB5761B5BC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME WMI Provider (HKLM\...\{96EC8F94-3894-4F08-8FEF-227E9F790FFC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{1bfc9e76-17dd-4b9e-a76e-467a1ded25f6}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Movavi Video Converter 22 Premium (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\Movavi Video Converter 22 Premium) (Version: 22.5.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
MTG Arena (HKLM\...\{DE7C0930-E11E-431E-8175-00AB4C3BBF5A}) (Version: 0.1.4709 - Wizards of the Coast)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.57.330.2022 - Realtek)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.18362.20136 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\WinDirStat) (Version:  - )
Windows PC Health Check (HKLM\...\{8B203035-EEAB-4F30-B65A-6F805463498A}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Workflows (HKLM-x32\...\{AF3D4DBD-B681-4938-A5E8-BFEB0B96FC47}) (Version: 3.5.3.0 - SirsiDynix)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-06] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-05-08] (Adobe Systems Incorporated)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2021-02-13] (Dell Inc)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-11] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2023-04-11] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.82.0_x64__htrsf667h5kn2 [2023-09-04] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-20] (Screenovate Technologies) [Startup Task]
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.5.23.0_x86__htrsf667h5kn2 [2022-04-03] (Dell Inc)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2021-11-08] (Fitbit)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft) [Startup Task]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-15] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2023-09-10] (Dell Inc)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-01-17] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-06] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-01-04] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1002.0_x64__rh07ty8m5nkag [2023-06-06] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-19] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-07-03] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6BD50D928633} -> [Creative Cloud Files] => C:\Users\16025\Creative Cloud Files [2023-06-04 20:45]
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-21] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-21] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\WorkFlows 3.5.3.0J.lnk -> C:\Program Files (x86)\Sirsi\JWF\wf.bat ()
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\edb1424df8e16855\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\16025\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Brian (maricopa.edu) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\sharepoint.com -> hxxps://maricopa-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 02:14 - 2019-12-07 02:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\Control Panel\Desktop\\Wallpaper -> D:\Brians\Pictures From Desktop\vader.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-3295701987-2196344191-1615095922-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3BF07E3-05AA-4E5F-B84E-7154166C89A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{81F8411B-7F23-4E17-896A-A96E053F693A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5D2FE62-146C-45D5-891E-43D1EC64848D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E37DD3A-931E-43A2-A8BF-D7A5CF4BB681}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4323B50-6E4E-45C7-A9A7-EA458825234D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4222E967-1A82-460C-A53D-5558533D87D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5422D858-1796-4BD7-94E1-6DD674EF8C99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12F73319-621C-4FD8-B9BB-B21B76F05A3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D551FA7-B7C5-443C-8462-22421F2ADD1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2EBB2F36-DBE2-46B0-BD6F-F883645C6663}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11372EC3-61F6-4DFB-B608-EC872DDD3A74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F2EF9FA-0EC8-4B81-BACA-6C250D43EB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07FD13BA-1969-44BA-8BF7-1FB652E587A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{189907FA-C2F7-4C60-8608-F3887D2AA71A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{82024C3A-EC0B-46C3-8C0C-FAFA9DC5ECB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{32317D73-121C-4C57-A260-A63AE1F4D25C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7D356C1-FF99-4F37-838F-32D482EB0124}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3D0E5D0A-304A-4177-A9F4-AB496BBE2312}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13ADA7DF-ADC5-48A2-856E-C6663F6B7068}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1CD6E298-2FF8-4B50-974D-70D6A24330FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9DCD9ED-65F0-4C87-84AE-248635AE92D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6621CDF6-665B-4CC8-AD78-46578B7850D0}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5F5B1709-43F1-4E78-BA32-28775607CF0F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{4E97C4A6-201F-4635-BB1F-8FFB724C780A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{48CFC94B-E338-4076-A4D3-9409B7EF2FDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{52B64DC5-728D-4E40-A06D-DC288B43C39F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CAB2D9CE-22EA-433C-864C-D0926A781C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BFF690CB-0036-429A-A6B3-B9DCFD24650D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BD5DBA4-A964-4CA4-85D2-B0ADC63098E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{AA56A301-BD3E-4207-8300-74774E27848D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dominion\Dominion.exe (Temple Gates Games LLC) [File not signed]
FirewallRules: [{F46D111F-68E8-46CF-9405-A37B9E1A3836}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{D0420F23-21BA-4D15-A05B-3DA5EBFAD75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraforming Mars\TerraformingMars.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{12B5C1D4-BC48-433C-BF59-58468B1DA4A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{43F0288C-F8AB-4A37-8F6D-3F3819756B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Realms\StarRealms.exe () [File not signed]
FirewallRules: [{40A0A6C2-197E-468E-B712-8F23D47E762F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BFA3588-65CB-46A7-A6BB-FBE55EC75F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{55089440-F64F-4B0C-8477-DEE524B7023E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5D775C17-0C42-406D-B270-7071C0BDBD4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E3EC6E04-5DC5-4B33-9EEA-C75FE2686664}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9325EB9D-D6CD-4210-9859-22195A70813A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{895CCF5C-C9E8-4B8C-9502-B80D719D4FA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CABBB39D-60C7-405D-91EA-260A0FD577D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A71EB80E-8A5C-4387-B236-D331B56888B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6452BFB4-80DB-4232-9FBF-02F19F6045A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42E7A6D-D741-4415-B788-4C839433670C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EDB7C10-8BCC-4B17-953E-FFD19A637D31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{473E0458-DCDC-42FF-A081-EDDEE660D429}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F40E0194-4821-430A-ACEA-23E437274498}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C6669722-CF00-41A6-9447-1279987DC57B}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [UDP Query User{B79B0439-418B-4C8F-BFF0-2B13460664B7}C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe] => (Allow) C:\users\16025\appdata\local\programs\bitwarden\bitwarden.exe (8bit Solutions LLC -> Bitwarden Inc.)
FirewallRules: [{71422814-10D4-407D-8334-9D6529788843}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4A224DE9-59FF-47C4-85E0-47232EB3331B}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{303BFB9A-2551-45AF-A880-85A1525C6D72}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [UDP Query User{A61BAAC4-9438-420C-9D93-FF47AB775F52}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [{A2BEE282-3390-456A-ADCD-A162F2460783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{EE82E217-D7CE-4B2B-A0D4-534773D759EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Munchkin Digital\Munchkin.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{C1518516-EEB7-43E1-A0D8-B53288BD2CC6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46823346-3ECB-4860-A663-D68E596FF73F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{518B65B1-9C5E-476D-83F0-C09B171127C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5886DBF-4EC1-41A1-9522-206D6C599AF4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E172EA93-70A7-4532-90FA-571B51D90ADB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36CFABD2-F8C0-4A2E-A0B7-6C7AC4A775F3}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AF3632C-3137-47A9-8C30-E8C4441D7FCB}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39A15BA8-B782-4653-BEAC-DD6114D43AA8}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{457AAC12-CDD2-4C7E-911E-2A77A9F1702A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42B9CC6A-0055-4A8A-8F3A-0CFE075DEB4A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D105275-6688-4FCD-8A6C-0CC0F2656CFF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1261E740-0EC3-4759-8428-B87830339A39}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA9ADF6C-FDA4-4A3B-87B7-2EA668EDC3CF}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EFE338FD-97C2-44E2-AD50-09AC93847FF5}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF71BDFB-26F3-4D7B-8CE3-AC98A553B543}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B8233A0-CFC5-424E-9F6E-D7BC1D6C2E1C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5FCA6867-CA02-486C-87E8-B4031C53EEF9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:220.87 GB) (Free:88.51 GB) (40%)

==================== Faulty Device Manager Devices ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2024 10:07:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: db0

Start Time: 01da4f4984627992

Termination Time: 5

Application Path: C:\Windows\System32\svchost.exe

Report Id: 999f5a14-a4f3-4e52-9100-0d3c6dcede5b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (01/24/2024 10:05:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 122.0.0.8783 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2210

Start Time: 01da4f4a178871e8

Termination Time: 18

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 17b2369d-906e-4947-8400-ba153a919e9e

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/24/2024 10:04:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: db0

Start Time: 01da4f4984627992

Termination Time: 4294967295

Application Path: C:\Windows\System32\svchost.exe

Report Id: fe49c191-73dc-4e5e-840f-34612f9bba2c

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/24/2024 09:49:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/23/2024 10:16:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}

Error: (01/23/2024 10:15:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c1137f7e-4554-4749-ba43-2a04b24cfc1e}

Error: (01/23/2024 09:39:34 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (01/23/2024 09:15:07 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (01/24/2024 10:12:37 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:09:50 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 10:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (01/24/2024 10:07:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/24/2024 09:59:12 PM) (Source: DCOM) (EventID: 10001) (User: DELL-AWARE)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (01/24/2024 09:49:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.


Windows Defender:
================
Date: 2024-01-23 22:00:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-01-23 21:55:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-01-21 23:03:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-18 16:27:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-18 16:22:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2024-01-24 22:12:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-01-24 22:10:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.23.1 10/02/2023
Motherboard: Dell Inc. 0H1TR9
Processor: 11th Gen Intel® Core™ i5-1135G7 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 11919.49 MB
Available physical RAM: 4433.3 MB
Total Virtual: 13711.49 MB
Available Virtual: 5371.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.87 GB) (Free:88.51 GB) (Model: PM991 NVMe Samsung 256GB) (Protected) NTFS
Drive d: (Storage) (Fixed) (Total:931.39 GB) (Free:450.24 GB) (Model: WDC WD10SPZX-75Z10T3) (Protected) NTFS

\\?\Volume{684c3d4a-c862-4581-a7b4-5c97cdda73b3}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.37 GB) NTFS
\\?\Volume{c15026fd-1126-46cb-a6a3-f4940b3c8da0}\ (Image) (Fixed) (Total:14.8 GB) (Free:0.15 GB) NTFS
\\?\Volume{512529dc-bb46-4392-a04b-7d2df97f1506}\ (DELLSUPPORT) (Fixed) (Total:1.55 GB) (Free:0.72 GB) NTFS
\\?\Volume{54456a02-9c41-463b-98ce-88879010ba53}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EDF168EC)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: EDF168D5)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

#5
BrianR1976
Posted 25 January 2024 - 06:52 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
SearchApp.exe    Suspended    238,612 K    322,756 K    9792    Search application    Microsoft Corporation    (Verified) Microsoft Windows
explorer.exe    < 0.01    199,796 K    230,424 K    1640    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
aswidsagent.exe    < 0.01    136,484 K    152,144 K    7152            
MsMpEng.exe        233,752 K    148,664 K    5768            
dwm.exe    < 0.01    82,652 K    115,480 K    1584    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
aswEngSrv.exe        109,016 K    111,784 K    4860    Avast Antivirus engine server    AVAST Software    (Verified) Avast Software s.r.o.
msedge.exe    < 0.01    47,312 K    110,420 K    4248    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
StartMenuExperienceHost.exe        58,064 K    107,828 K    9596            (Verified) Microsoft Windows
SmartByteNetworkService.exe    < 0.01    89,944 K    101,952 K    5676    SmartByte Network Service    Rivet Networks    (Verified) Rivet Networks LLC
Memory Compression        272 K    101,132 K    3076            
svchost.exe        86,276 K    94,768 K    4412    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Registry        11,876 K    94,696 K    124            
aswToolsSvc.exe        53,908 K    86,352 K    4120    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
ServiceShell.exe        56,696 K    83,324 K    12936    ServiceShell        (Verified) Dell Inc
TextInputHost.exe        45,416 K    81,816 K    10776        Microsoft Corporation    (Verified) Microsoft Windows
procexp64.exe    0.76    78,376 K    81,200 K    10284    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
DellSupportAssistRemedationService.exe    < 0.01    56,464 K    80,644 K    3280    DCFWinService    Dell INC.    (Verified) Dell Inc
WavesSvc64.exe        63,960 K    76,560 K    12808    Waves MaxxAudio Service Application    Waves Audio Ltd.    (Verified) Waves Inc
ShellExperienceHost.exe    Suspended    50,604 K    70,888 K    3504    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
OneApp.IGCC.WinService.exe        36,432 K    50,488 K    5348    Intel® Graphics Command Center Service    Intel Corporation    (Verified) Intel Corporation
acumbrellaagent.exe    < 0.01    32,068 K    49,212 K    10720    Cisco AnyConnect Roaming Security Agent    Cisco Systems, Inc.    (Verified) Cisco Systems, Inc.
IntelAudioService.exe        39,208 K    46,748 K    5400    IntelAudioService    Intel    (Verified) Intel Corporation
AvastSvc.exe    < 0.01    168,792 K    46,464 K    3980            
msedge.exe        57,716 K    44,860 K    13384    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe        16,168 K    38,688 K    5356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,224 K    38,012 K    8864    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
CCleaner64.exe    < 0.01    60,180 K    36,428 K    4216    CCleaner    Piriform Software Ltd    (Verified) PIRIFORM SOFTWARE LIMITED
svchost.exe    < 0.01    10,616 K    35,160 K    8820    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WavesSysSvc64.exe        13,536 K    29,728 K    5732    WavesSysSvc Service Application    Waves Audio Ltd.    (Verified) Waves Inc
msedge.exe    < 0.01    10,484 K    29,708 K    13392    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
RuntimeBroker.exe    < 0.01    7,992 K    29,552 K    9884    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
afwServ.exe    < 0.01    15,916 K    29,256 K    4964    Avast firewall service    AVAST Software    (Verified) Avast Software s.r.o.
svchost.exe    < 0.01    17,956 K    28,432 K    4632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchIndexer.exe        22,452 K    28,220 K    6748    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        10,132 K    27,748 K    1104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ApplicationFrameHost.exe        9,304 K    27,140 K    2852    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows
sihost.exe        5,868 K    26,860 K    8792    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
lsass.exe    < 0.01    9,536 K    25,868 K    880            
svchost.exe        15,132 K    24,392 K    4312    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe        5,668 K    23,852 K    9660    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,884 K    23,432 K    9028    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe    0.76    11,812 K    23,160 K    4716    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
vpnagent.exe        7,232 K    23,140 K    3800    VPN Agent Service    Cisco Systems, Inc.    (Verified) Cisco Systems, Inc.
svchost.exe    < 0.01    4,836 K    21,644 K    5900    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,676 K    21,512 K    8244    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,668 K    21,480 K    8336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        19,592 K    21,464 K    1900    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ctfmon.exe        4,284 K    20,804 K    10256    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    6,516 K    19,732 K    3840    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe        4,520 K    19,652 K    11828    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    5,240 K    18,972 K    8292    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe        5,400 K    18,632 K    8184    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        9,240 K    18,544 K    5368    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
CCleanerPerformanceOptimizerService.exe        5,260 K    18,456 K    5304    CCleaner Performance Optimizer Service    Piriform Software Ltd    (Verified) PIRIFORM SOFTWARE LIMITED
svchost.exe    < 0.01    6,764 K    18,404 K    1672    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    5,004 K    18,356 K    9960    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AvastUI.exe    < 0.01    40,504 K    18,240 K    12964    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
msedge.exe    < 0.01    8,368 K    18,076 K    13428    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe        8,460 K    17,444 K    4160            
RAPSService.exe    < 0.01    14,324 K    17,412 K    6948    Windows Service Wrapper    Rivet Networks, LLC.    (Verified) Rivet Networks LLC
wsc_proxy.exe    < 0.01    8,208 K    17,288 K    3008            
svchost.exe        9,244 K    17,224 K    8496    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,412 K    16,940 K    9072            
TabTip.exe        4,228 K    16,624 K    10288    Touch Keyboard and Handwriting Panel    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,108 K    16,448 K    14292    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,464 K    16,020 K    1880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,988 K    15,420 K    2488    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        5,300 K    15,348 K    4376    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,284 K    15,224 K    9312    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    7,432 K    15,156 K    1224    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,472 K    15,124 K    3896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dllhost.exe        6,728 K    14,644 K    11612    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    3,972 K    14,556 K    3024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,004 K    14,436 K    2828    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RtkAudUService64.exe        4,772 K    14,292 K    12616    Realtek HD Audio Universal Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
igfxEMN.exe        3,956 K    14,292 K    6204    igfxEM Module    Intel Corporation    (Verified) Intel Corporation
svchost.exe        2,384 K    14,156 K    7896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchProtocolHost.exe        2,448 K    14,156 K    12632    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        3,704 K    14,080 K    12444            
svchost.exe        3,432 K    14,068 K    2112    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,772 K    13,860 K    6528    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        4,376 K    13,476 K    8976    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
RAPS.exe    < 0.01    5,696 K    13,364 K    7140    RivetAPS    Rivet Networks LLC    (Verified) Rivet Networks LLC
RuntimeBroker.exe        2,748 K    13,332 K    11916    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,356 K    13,240 K    3652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe    < 0.01    6,736 K    13,148 K    7172    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
RtkAudUService64.exe        3,996 K    12,752 K    5636    Realtek HD Audio Universal Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
procexp.exe        4,500 K    12,664 K    9612    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
svchost.exe        4,628 K    12,628 K    2464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WMIRegistrationService.exe        2,588 K    12,244 K    5824    Intel® Management Engine WMI Provider Registration    Intel Corporation    (Verified) Intel Corporation
winlogon.exe        2,664 K    11,880 K    1448    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,444 K    11,644 K    7132            
svchost.exe        2,680 K    11,484 K    9508    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dllhost.exe        3,156 K    11,444 K    9092    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        6,160 K    11,232 K    612            
svchost.exe        2,408 K    11,200 K    3628    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,984 K    11,008 K    5408    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,152 K    10,976 K    3904    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,284 K    10,872 K    2660    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,420 K    10,672 K    2972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,680 K    10,636 K    1872    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,012 K    10,600 K    1796    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RtkAudUService64.exe        2,760 K    10,340 K    10492    Realtek HD Audio Universal Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
WmiPrvSE.exe        3,012 K    10,188 K    7284    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,416 K    10,148 K    13812    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,412 K    10,104 K    11444    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,164 K    10,072 K    11976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
DellOSDService.exe    < 0.01    2,492 K    10,056 K    5320    DellOSDService for Iceman/Colossus        (No signature was present in the subject)
AdobeNotificationClient.exe    Suspended    43,508 K    9,952 K    8888    Adobe Notification Client    Adobe Inc.    (Verified) Adobe Inc.
UserOOBEBroker.exe        2,340 K    9,856 K    13628    User OOBE Broker    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,216 K    9,760 K    3160    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
MediaButtons.exe    < 0.01    1,768 K    9,564 K    7164    DELL Application        (No signature was present in the subject)
svchost.exe        2,988 K    9,508 K    1664    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
unsecapp.exe    < 0.01    2,316 K    9,460 K    1712    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,496 K    9,460 K    5800    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
igfxCUIServiceN.exe        2,112 K    9,420 K    2940    igfxCUIService Module    Intel Corporation    (Verified) Intel Corporation
svchost.exe        1,832 K    9,348 K    13912    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
LMS.exe        2,864 K    9,304 K    5536    Intel® Local Management Service    Intel Corporation    (Verified) Intel Corporation
SecurityHealthSystray.exe        1,832 K    9,268 K    12360    Windows Security notification icon    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,476 K    9,132 K    13956    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,828 K    8,956 K    1696    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,336 K    8,956 K    3408    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,852 K    8,948 K    2088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
fontdrvhost.exe        4,076 K    8,900 K    1512    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,048 K    8,672 K    2544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,740 K    8,664 K    1280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,192 K    8,484 K    4464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,956 K    8,416 K    1888    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WUDFHost.exe        5,440 K    8,400 K    1136    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    3,364 K    8,372 K    2844    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,868 K    8,340 K    3736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,956 K    8,304 K    3336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,780 K    8,172 K    2608    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,768 K    8,136 K    5392    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,112 K    7,944 K    1652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,768 K    7,936 K    3572    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,000 K    7,928 K    2212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,444 K    7,876 K    2052    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,104 K    7,796 K    5844    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchFilterHost.exe        1,504 K    7,756 K    3928    Microsoft Windows Search Filter Host    Microsoft Corporation    (Verified) Microsoft Windows
msedge.exe        2,460 K    7,712 K    12060    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    2,528 K    7,640 K    5888    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,020 K    7,592 K    7652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,940 K    7,580 K    2456    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,936 K    7,440 K    3324    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,500 K    7,396 K    2240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WUDFHost.exe        1,672 K    7,272 K    1316    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,660 K    7,248 K    1372    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
AdobeUpdateService.exe    < 0.01    2,012 K    7,216 K    5340    Creative Cloud Update Service    Adobe Inc.    (Verified) Adobe Inc.
SgrmBroker.exe    < 0.01    5,660 K    7,172 K    13844            
wininit.exe        1,468 K    6,992 K    532            
unsecapp.exe        1,392 K    6,988 K    9040    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,804 K    6,912 K    3792    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,584 K    6,796 K    5592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dnscryptproxy.exe    < 0.01    3,840 K    6,792 K    13828    Cisco Umbrella DNSCryptProxy v2    Cisco Systems, Inc.    (Verified) Cisco Systems, Inc.
dnscryptproxy.exe    < 0.01    3,748 K    6,656 K    11428    Cisco Umbrella DNSCryptProxy v2    Cisco Systems, Inc.    (Verified) Cisco Systems, Inc.
svchost.exe        2,036 K    6,628 K    2148    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,488 K    6,468 K    5580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
csrss.exe    < 0.01    2,896 K    6,376 K    568            
wlanext.exe        1,320 K    6,324 K    4080    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows
jhi_service.exe        1,320 K    6,244 K    6056    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel® Embedded Subsystems and IP Blocks Group
armsvc.exe        1,604 K    6,124 K    5312    Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.
svchost.exe    < 0.01    1,476 K    6,104 K    1864    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,388 K    6,084 K    4616    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,296 K    6,040 K    5236    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        3,076 K    5,952 K    1580    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        2,280 K    5,912 K    972            
SmartByteAnalyticsService.exe        1,504 K    5,884 K    5612    SmartByte Analytics Service    Rivet Networks    (Verified) Rivet Networks LLC
svchost.exe        1,140 K    5,852 K    5460    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,340 K    5,840 K    3016    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
IntelCpHDCPSvc.exe        1,288 K    5,732 K    1852    Intel HD Graphics Drivers for Windows®    Intel Corporation    (Verified) Intel Corporation
svchost.exe        1,264 K    5,516 K    5932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,304 K    5,484 K    7404    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WirelessKB850NotificationService.exe        1,152 K    5,268 K    5960    WirelessKB850NotificationService.exe    Microsoft Corporation    (Verified) Microsoft Corporation
SystemSettings.exe    Suspended    57,620 K    4,836 K    9384    Settings    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,668 K    3,560 K    1124    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
System    < 0.01    200 K    2,016 K    4            
GoogleCrashHandler.exe        1,584 K    1,128 K    8288    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler64.exe        1,620 K    880 K    8360    Google Crash Handler    Google LLC    (Verified) Google LLC
smss.exe        1,084 K    824 K    704            
System Idle Process    98.96    60 K    8 K    0            
Interrupts    < 0.01    0 K    0 K    n/a    Hardware Interrupts and DPCs        


 


  • 0

#6
BrianR1976
Posted 25 January 2024 - 06:54 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

----------------------------------------------------------------------------
CrystalDiskInfo 9.2.2 © 2008-2024 hiyohiyo
                                Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 10  [10.0 Build 19045] (x64)
  Date : 2024/01/25 17:54:23

-- Controller Map ----------------------------------------------------------
 + Standard SATA AHCI Controller [ATA]
   - WDC WD10SPZX-75Z10T3
 - Microsoft Storage Spaces Controller [SCSI]
 + Standard NVM Express Controller [SCSI]
   - PM991 NVMe Samsung 256GB

-- Disk List ---------------------------------------------------------------
 (01) PM991 NVMe Samsung 256GB : 256.0 GB [1/1/0, sq] - nv
 (02) WDC WD10SPZX-75Z10T3 : 1000.2 GB [0/0/0, pd1]

----------------------------------------------------------------------------
 (01) PM991 NVMe Samsung 256GB
----------------------------------------------------------------------------
           Model : PM991 NVMe Samsung 256GB
        Firmware : 25309039
   Serial Number :       S50ANF1N931168
       Disk Size : 256.0 GB
       Interface : NVM Express
        Standard : NVM Express 1.3
   Transfer Mode : PCIe 3.0 x4 | PCIe 3.0 x4
  Power On Hours : 1092 hours
  Power On Count : 1489 count
      Host Reads : 16346 GB
     Host Writes : 11816 GB
     Temperature : 45 C (113 F)
   Health Status : Good (95 %)
        Features : S.M.A.R.T., TRIM, VolatileWriteCache
    Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Critical Warning
02 00000000013E Composite Temperature
03 000000000064 Available Spare
04 000000000032 Available Spare Threshold
05 000000000005 Percentage Used
06 0000020B1850 Data Units Read
07 0000017A1D41 Data Units Written
08 00001E575869 Host Read Commands
09 00001AEBB207 Host Write Commands
0A 000000000E81 Controller Busy Time
0B 0000000005D1 Power Cycles
0C 000000000444 Power On Hours
0D 000000000035 Unsafe Shutdowns
0E 000000000000 Media and Data Integrity Errors
0F 00000000121B Number of Error Information Log Entries

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 144D 144D 2020 2020 2020 3553 4130 464E 4E31 3339
010: 3131 3836 4D50 3939 2031 564E 654D 5320 6D61 7573
020: 676E 3220 3635 4247 2020 2020 2020 2020 2020 2020
030: 2020 2020 3532 3033 3039 3933 3802 0025 0900 0005
040: 0300 0001 86A0 0001 1200 007A 0200 0000 0000 0000
050: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
060: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
090: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0017 0307
130: 0E16 043F 0101 0164 0166 0000 4000 0000 1000 0000
140: 6000 9E65 003B 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0023 0400
160: 0000 0001 0139 0166 0002 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_NVME --------------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 3E 01 64 32 05 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 50 18 0B 02 00 00 00 00 00 00 00 00 00 00 00 00
030: 41 1D 7A 01 00 00 00 00 00 00 00 00 00 00 00 00
040: 69 58 57 1E 00 00 00 00 00 00 00 00 00 00 00 00
050: 07 B2 EB 1A 00 00 00 00 00 00 00 00 00 00 00 00
060: 81 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: D1 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: 44 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 1B 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 3E 01 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 1A 00 00 00 00 00 00 00
0E0: 22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

----------------------------------------------------------------------------
 (02) WDC WD10SPZX-75Z10T3
----------------------------------------------------------------------------
           Model : WDC WD10SPZX-75Z10T3
        Firmware : 14244514
   Serial Number : WXG2A701JE1H
       Disk Size : 1000.2 GB (8.4/137.4/1000.2/1000.2)
     Buffer Size : Unknown
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 5400 RPM
       Interface : Serial ATA
   Major Version : ACS-3
   Minor Version : ACS-3 Revision 5
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 2495 hours
  Power On Count : 1467 count
     Temperature : 28 C (82 F)
   Health Status : Good
        Features : S.M.A.R.T., APM, NCQ, TRIM, GPL
       APM Level : 0080h [ON]
       AAM Level : ----
    Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 195 191 _21 0000000004C9 Spin-Up Time
04 _92 _92 __0 00000000226D Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 __0 000000000000 Seek Error Rate
09 _97 _97 __0 0000000009BF Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _99 _99 __0 0000000005BB Power Cycle Count
BF _71 _71 __0 00000000001D G-Sense Error Rate
C0 200 200 __0 00000000000C Power-off Retract Count
C1 187 187 __0 000000009AF9 Load/Unload Cycle Count
C2 115 _97 __0 00000000001C Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
F0 100 100 __0 000000000164 Head Flying Hours
F1 200 200 __0 0000642C4C40 Total Host Writes
F2 200 200 __0 0000593CDC3E Total Host Reads
FE 200 200 __0 000000000000 Free Fall Protection

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 5758 4732 4137 3031 4A45 3148
020: 0000 0000 0000 3134 3234 3435 3134 5744 4320 5744
030: 3130 5350 5A58 2D37 355A 3130 5433 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0006 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D08
070: 0000 0000 0000 0000 0000 001F 9F0E 0006 004C 0040
080: 07FE 006D 706B 7469 6123 7069 B449 6123 017F 005D
090: 005D 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 000A 6003 0000 5001 4EE2
110: 1303 6FBC 0000 0000 0000 0000 0000 0000 0000 4118
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 3D48
130: 50C8 7836 11E8 ADC0 FA7A E01B BEBC 2020 3130 3739
140: 3632 0000 0004 8160 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 1028 0000 4000 0000 0000 0001
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 6DB0 7470 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 83A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 C3 BF C9 04 00 00 00 00 00 04 32 00 5C 5C 6D
020: 22 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 61 61 BF 09 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 BB 05 00 00 00 00 00 BF 32
070: 00 47 47 1D 00 00 00 00 00 00 C0 32 00 C8 C8 0C
080: 00 00 00 00 00 00 C1 32 00 BB BB F9 9A 00 00 00
090: 00 00 C2 22 00 73 61 1C 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 F0 32 00 64 64 64
0E0: 01 00 00 00 00 00 F1 32 00 C8 C8 40 4C 2C 64 00
0F0: 00 00 F2 32 00 C8 C8 3E DC 3C 59 00 00 00 FE 32
100: 00 C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 34 17 01 71
170: 03 00 01 00 02 FF 02 10 01 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 EA

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 F0 00 00 00 00 00
0E0: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
0F0: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 FE 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 34 17 01 71
170: 03 00 01 00 02 FF 02 10 01 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 35


 


  • 0

#7
BrianR1976
Posted 25 January 2024 - 06:58 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for  0:01:58  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        DELL-AWARE
OS version:                                           Windows 10, 10.0, version 2009, build: 19045 (x64)
Hardware:                                             Inspiron 5400 AIO, Dell Inc.
BIOS:                                                 1.23.1
CPU:                                                  GenuineIntel 11th Gen Intel® Core™ i5-1135G7 @ 2.40GHz
Logical processors:                                   8
Processor groups:                                     1
Processor group size:                                 8
RAM:                                                  11919 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed (WMI):                             2419 MHz
Reported CPU speed (registry):                        2419 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   781.90
Average measured interrupt to process latency (µs):   10.106456

Highest measured interrupt to DPC latency (µs):       678.50
Average measured interrupt to DPC latency (µs):       2.177823


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              24.770980
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Highest reported total ISR routine time (%):          0.000172
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Total time spent in ISRs (%)                          0.000172

ISR count (execution time <250 µs):                   278
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              691.218685
Driver with highest DPC routine execution time:       rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.

Highest reported total DPC routine time (%):          0.019527
Driver with highest DPC total execution time:         storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in DPCs (%)                          0.042208

DPC count (execution time <250 µs):                   112382
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              15
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 aswidsagent.exe

Total number of hard pagefaults                       35864
Hard pagefault count of hardest hit process:          35680
Number of processes hit:                              15


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       5.710584
CPU 0 ISR highest execution time (µs):                24.770980
CPU 0 ISR total execution time (s):                   0.001637
CPU 0 ISR count:                                      278
CPU 0 DPC highest execution time (µs):                691.218685
CPU 0 DPC total execution time (s):                   0.159869
CPU 0 DPC count:                                      36201
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       1.815454
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                236.413394
CPU 1 DPC total execution time (s):                   0.010721
CPU 1 DPC count:                                      784
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       1.274595
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                131.373708
CPU 2 DPC total execution time (s):                   0.011841
CPU 2 DPC count:                                      1081
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       1.329185
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                291.374948
CPU 3 DPC total execution time (s):                   0.010975
CPU 3 DPC count:                                      593
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       1.468598
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                278.769740
CPU 4 DPC total execution time (s):                   0.129504
CPU 4 DPC count:                                      47359
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       1.262557
CPU 5 ISR highest execution time (µs):                0.0
CPU 5 ISR total execution time (s):                   0.0
CPU 5 ISR count:                                      0
CPU 5 DPC highest execution time (µs):                272.915668
CPU 5 DPC total execution time (s):                   0.002008
CPU 5 DPC count:                                      149
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       1.346691
CPU 6 ISR highest execution time (µs):                0.0
CPU 6 ISR total execution time (s):                   0.0
CPU 6 ISR count:                                      0
CPU 6 DPC highest execution time (µs):                122.064076
CPU 6 DPC total execution time (s):                   0.073255
CPU 6 DPC count:                                      26038
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       1.188869
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                214.366680
CPU 7 DPC total execution time (s):                   0.002696
CPU 7 DPC count:                                      192
_________________________________________________________________________________________________________

 


  • 0

#8
BrianR1976
Posted 25 January 2024 - 07:02 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

Here is the drivers info

Attached Thumbnails

  • Drivers.jpg

Edited by BrianR1976, 25 January 2024 - 07:02 PM.

  • 0

#9
BrianR1976
Posted 25 January 2024 - 07:27 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

I am going to run the other one too just because

 

01/25/2024 18:06
Scan of C:

Scan of *STARTUP

File C:\Users\16025\OneDrive\Desktop\PVCC\MLAinMins\drive-download-20210423T194227Z-001.zip Error 0xC000003E {Data Error}
Number of searched folders: 237670
Number of tested files: 617196
Number of infected files: 0

 


  • 0

#10
BrianR1976
Posted 25 January 2024 - 10:18 PM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

One final thing the EST Scan

 

1/25/2024 21:17:27 PM
Files scanned: 655493
Detected files: 2
Cleaned files: 2
Total scan time 00:56:08
Scan status: Finished
D:\Brians\Zip Files\Downloads\ccsetup554.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting

D:\Brians\Zip Files\Downloads\ccsetup557.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting


 


  • 0

Advertisements

#11
RKinner
Posted 26 January 2024 - 06:37 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You are getting crashes in:

 

Firefox

Windows Audio

Microsoft.YourPhone

 

As it is unlikely you are using your PC as a phone you can just uninstall YourPhone:

 

Copy the following line:

Get-AppxPackage | select Name, PackageFullName | Format-List

Right click on the start button and you should see Windows Powershell (Admin) in the list.  Select it.

 

(If you don't see it you can Search for Powershell and when it finds Windows Powershell, right click and Run As Admiin.)

 

Once you have powershell up just right click in its window and the copied text should appear.  Hit Enter.

You will get a long list of installed programs.  They should be in alphabetical order so just scroll down (or up) until you find one that looks likes this:

 

 

 
Name            : Microsoft.YourPhone
PackageFullName : Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe
 
 
Copy the PackageFullName: info (in bold) by highlighting and then hitting Enter.
 
Scroll down to the the bottom to the prompt and right click to paste the PackageFullName but do not hit Enter.
 
Now use the left arrow key to move to the start of the line and type
Remove-AppxPackage (you can also copy and paste as before) so that the line now reads:
 
Remove-AppxPackage Microsoft.YourPhone_1.23112.87.0_x64__8wekyb3d8bbwe
 
(or similar.  Your info after the first "_" may be different.)
 
Hit Enter.
 
IF you need more instructions you can go to:
 
(Don't download anything they offer)
 
For the Audio problem, search for Device Manager and hit Enter then scroll down to where it says Sound Video and Game controllers (open it up by clicking on the > in front of it if you don't see anything listed under it).  Usually the critical driver is the first one.  What is its name?  Right click on it and select properties then Drivers tab.  What is the Driver Date and Version?  Go to the Details tab and change where it says Device Description to Hardware Ids
 
You will see something like:
 
HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1003
HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100
 
Click on the top line then right click and Copy.  Move to a Reply and Paste (Ctrl + v).
 
For Firefox I would click on the three dashes in the upper right and select Add-ons and themes then disable all of the add ons and extensions.  Close and reopen Firefox.  See if one of them is the culprit.  
 
A quick way to see the crashes is to use Vino Event Viewer to quickly read the events:
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
You will have to look at the time stamp to see if its a new error or you may want to just clear all of the events after trying something:
 
To clear all events just download this fixlist,
Attached File  fixlist.txt   160bytes   40 downloads
open FRST and hit Fix:
 
No need to rerun a FRST scan or post the fixlog
 
 
 
 

  • 0

#12
BrianR1976
Posted 27 January 2024 - 12:15 AM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

I did the Your Phone thing. I think something happened. Not entirely sure though.


  • 0

#13
BrianR1976
Posted 27 January 2024 - 12:17 AM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

The top Audio driver is: Intel Smart Sound Technology for Bluetooth Audio

The driver date is 6/8/22

top hardware id: INTELAUDIO\CTLR_DEV_A0C8&LINKTYPE_03&DEVTYPE_00&VEN_8086&DEV_AE30&SUBSYS_0A061028&REV_0001


 


  • 0

#14
BrianR1976
Posted 27 January 2024 - 12:22 AM

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 355 posts

Firefox crashing isn't really an issue I have been experiencing. It'll lag a little bit but I figure thats from too many windows being open. I do see that I have 3 different popup blockers: Adblocker Ultimate, Popup Blocker Ultimate, and uBlock Origin. This is in addition to the Malwarebytes Browser Guard. I assume I probably dont need 3 popup blockers running do I?


  • 0

#15
RKinner
Posted 27 January 2024 - 08:15 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

See if this helps the audio.  Got it off the intel site:

 

Resolution
  1. Open Device manager
  2. In System devices > Intel® Smart Sound Technology (Intel® SST) Audio Controller
  3. Right click and select Update driver
  4. Select Browse my computer for driver software
  5. Select let me pick from a list of available drivers on my computer
  6. Select High Definition Audio controller and install.
  7.  
Sounds like intel is admitting that their driver is worthless and recommending that you use the generic Windows driver.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP