My Windows 11 is running very slow. And today it had trouble booting up. It failed to load user profile the first 2 or 3 attempts. It finally loaded user profile and is running now. But very slow.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07.06.2024
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (08-06-2024 16:18:42)
Running from C:\Users\jhauk\Desktop\FRST64.exe
Loaded Profiles: jhauk
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\91.0.2.0\crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe <6>
(C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\jhauk\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe <8>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\jhauk\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe <2>
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxCUIService.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_22403.1401.1.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_24137.2402.2884.4157_x64__8wekyb3d8bbwe\msteamsupdate.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe [1237696 2020-12-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> ) <==== ATTENTION
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Amazon Music Helper] => C:\Users\jhauk\AppData\Local\Amazon Music\Amazon Music Helper.exe [2361288 2022-06-06] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Amazon Music] => C:\Users\jhauk\AppData\Local\Amazon Music\Amazon Music.exe [21368776 2022-06-06] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\jhauk\AppData\Local\WebEx\WebexHost.exe [7272032 2023-12-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [MicrosoftEdgeAutoLaunch_C3B4745A586F470C4B29567DA633CD3C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\jhauk\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-22] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [529408 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [959488 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\125.0.6422.142\Installer\chrmstp.exe [2024-06-04] (Google LLC -> Google LLC)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2D2F2AC9-681A-4A95-A2BB-E3CF13CBF4D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {ADDE2C7E-0006-4546-938F-6B890BF92244} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5439240 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
Task: {CCA79BEA-4AB7-4017-88B1-401682E442F8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{41415382-AA10-4DD8-B29B-D1DEBF8D6028} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {1438B4C6-F818-4D1B-BB21-32F717D5670A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A08577DB-85A3-4BDA-B3EE-B1267E05CDFE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DC90102-9470-45CD-9282-C841EE004E21} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {B27AE3FE-5799-4ADA-AB62-25418C060A81} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {92B4FBF9-3D04-4E19-B740-EB42E86B440A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [504304 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ForcedRebootRetry (No File)
Task: {852C9880-83E8-4533-8B9E-420D084BA3C6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {1C29836D-4150-4C72-A134-BF7A2A93C83A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {01809A38-6C7B-4607-8427-F70DE2A0A5EC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {7EC05B01-DF66-419B-93D3-8DF3252D95D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3314AFA-3AE3-4A4B-A295-D523918CE086} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2515B6AB-7324-48BB-AB91-A6FB650D0362} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9F31EDF-6481-4764-8C57-454BF30F7E46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {155C3E5D-0899-4636-B4E4-9C556E2E219A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6428B4DE-2A82-4A3A-9E4A-0C6E56804B18} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1015540938-3996997567-1391499832-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F4B6147B-D8A5-4D58-AF10-9BFBD26B64A7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {B8E6C0FB-ED4C-4C76-BB49-61017BF5A97C} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1702118505 => C:\Users\jhauk\AppData\Local\Programs\Opera GX\launcher.exe [2251680 2024-05-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\jhauk\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {5E052495-EE59-4B84-8006-E451ECF2B861} - System32\Tasks\Opera GX scheduled Autoupdate 1702086698 => C:\Users\jhauk\AppData\Local\Programs\Opera GX\launcher.exe [2251680 2024-05-28] (Opera Norway AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpDomain] attlocal.net
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-08]
Edge DownloadDir: Default -> C:\Users\jhauk\Desktop
Edge Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-28]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-06-03]
Edge Extension: (Edge relevant text changes) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2024-06-08]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF Extension: (Activist – Soft) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2023-03-15]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2024-04-01] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2024-05-17]
FF Extension: (Zoom Extension) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2024-05-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2024-06-08]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR Notifications: Default -> hxxps://re-captha-version-2-5.top
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-05-29]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Fluff Busting Purity) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2024-03-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-16]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-16]
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-21]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-21]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-21]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-21]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-21]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-21]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-21]
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-16]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001) Opera GXStable - "C:\Users\jhauk\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3834400 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-10-29] (Dell Inc -> )
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-17] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsla71356b0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C6A3955-77ED-44A1-A354-195DD1014B1D}\MpKslDrv.sys [271648 2024-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 PCDSRVC{B3325DDC-86EB73E3-06040000}_0; c:\program files\dell\supportassistagent\pcd\supportassist\pcdsrvc_x64.pkms [56672 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-08 16:18 - 2024-06-08 16:21 - 000032473 _____ C:\Users\jhauk\Desktop\FRST.txt
2024-06-08 16:15 - 2024-06-08 16:15 - 002395136 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2024-06-08 07:47 - 2024-06-08 07:47 - 000000000 ____D C:\Users\TEMP.DESKTOP-6JBP3L9
2024-06-08 07:47 - 2023-02-18 17:38 - 000000000 ____D C:\Users\TEMP.DESKTOP-6JBP3L9\AppData\Roaming\Microsoft\Network
2024-06-08 07:47 - 2023-02-18 16:37 - 000000000 ____D C:\Users\TEMP.DESKTOP-6JBP3L9\AppData\Roaming\Microsoft\Windows
2024-06-08 07:47 - 2022-05-07 01:24 - 000000000 ____D C:\Users\TEMP.DESKTOP-6JBP3L9\AppData\Roaming\Microsoft\Spelling
2024-06-08 07:47 - 2019-12-02 08:31 - 000000000 ____D C:\Users\TEMP.DESKTOP-6JBP3L9\AppData\Roaming\Intel Corporation
2024-06-08 07:39 - 2024-06-08 07:47 - 000000000 ____D C:\Users\TEMP
2024-06-08 07:39 - 2023-02-18 17:38 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Network
2024-06-08 07:39 - 2023-02-18 16:37 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows
2024-06-08 07:39 - 2022-05-07 01:24 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Spelling
2024-06-08 07:39 - 2019-12-02 08:31 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Intel Corporation
2024-06-03 06:44 - 2024-06-03 06:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-30 00:31 - 2024-05-30 00:31 - 011247458 _____ C:\Users\jhauk\Documents\FUNK (2024-05-30).rmgb
2024-05-29 01:27 - 2024-06-08 07:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-05-28 22:01 - 2024-05-28 22:01 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1702086698
2024-05-28 22:01 - 2024-05-28 22:01 - 000001440 _____ C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2024-05-28 01:12 - 2024-05-28 01:12 - 011245324 _____ C:\Users\jhauk\Documents\FUNK (2024-05-28).rmgb
2024-05-27 01:54 - 2024-05-27 01:54 - 011238755 _____ C:\Users\jhauk\Documents\FUNK (2024-05-27).rmgb
2024-05-25 07:31 - 2024-06-07 07:47 - 000000000 ____D C:\Users\jhauk\Desktop\CHOG Historical Society
2024-05-25 03:07 - 2024-05-25 03:07 - 011236833 _____ C:\Users\jhauk\Documents\FUNK (2024-05-25).rmgb
2024-05-24 03:30 - 2024-05-24 03:30 - 013318743 _____ C:\Users\jhauk\Desktop\Anton Spitzig citizenship.pdf
2024-05-24 03:26 - 2024-05-24 03:29 - 010086305 _____ C:\Users\jhauk\Desktop\G. Anthony Spitzig family group.pdf
2024-05-24 03:20 - 2024-05-24 03:21 - 004463306 _____ C:\Users\jhauk\Desktop\Ship Hohenzollern.pdf
2024-05-24 03:16 - 2024-05-24 03:17 - 007437261 _____ C:\Users\jhauk\Desktop\Arrival Records for Anton Spitzig.pdf
2024-05-24 03:13 - 2024-05-24 03:13 - 001036477 _____ C:\Users\jhauk\Desktop\Pedigree chart so far 5-24-24.pdf
2024-05-22 01:30 - 2024-05-22 23:24 - 011231130 _____ C:\Users\jhauk\Documents\FUNK (2024-05-22).rmgb
2024-05-21 02:48 - 2024-05-21 02:48 - 011222839 _____ C:\Users\jhauk\Documents\FUNK (2024-05-21).rmgb
2024-05-20 02:37 - 2024-05-20 02:37 - 011218318 _____ C:\Users\jhauk\Documents\FUNK (2024-05-20).rmgb
2024-05-18 18:00 - 2024-05-18 23:58 - 011209078 _____ C:\Users\jhauk\Documents\FUNK (2024-05-18).rmgb
2024-05-18 16:46 - 2024-05-18 16:46 - 000005120 _____ C:\Users\jhauk\Documents\FUNK.DUP
2024-05-16 08:01 - 2024-05-16 08:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-05-16 08:01 - 2024-05-16 08:01 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-16 08:01 - 2024-05-16 08:01 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-05-15 21:02 - 2024-05-15 21:04 - 006582815 _____ C:\Users\jhauk\Desktop\How Was Church.pdf
2024-05-11 23:42 - 2024-05-11 23:42 - 011187473 _____ C:\Users\jhauk\Documents\FUNK (2024-05-11).rmgb
2024-05-10 07:12 - 2024-05-10 07:12 - 000000000 ____D C:\WINDOWS\pss
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-08 16:21 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2024-06-08 16:20 - 2023-05-20 11:31 - 000000000 ____D C:\FRST
2024-06-08 16:15 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-08 16:14 - 2022-02-09 23:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-08 16:13 - 2023-02-18 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-08 16:13 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-08 16:13 - 2019-03-18 09:23 - 000000000 ___SD C:\Users\jhauk\AppData\Roaming\Microsoft\Credentials
2024-06-08 09:04 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-08 08:59 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-08 08:52 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-08 08:26 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2024-06-08 08:14 - 2019-04-03 00:54 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Excel
2024-06-08 08:14 - 2019-04-03 00:42 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Word
2024-06-08 07:59 - 2023-01-25 07:38 - 000000000 ____D C:\Users\jhauk\AppData\Local\WebEx
2024-06-08 07:58 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2024-06-08 07:56 - 2023-02-18 16:37 - 000000000 ____D C:\Users\jhauk
2024-06-08 07:52 - 2019-03-18 09:30 - 000000000 ____D C:\ProgramData\Packages
2024-06-08 07:51 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-08 07:51 - 2018-11-21 04:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-06-08 07:50 - 2023-02-18 18:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-08 07:50 - 2020-08-05 02:33 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-08 07:50 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-08 04:15 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2024-06-08 00:51 - 2019-03-18 12:25 - 000000000 ____D C:\Users\jhauk\AppData\Local\D3DSCache
2024-06-07 21:44 - 2023-02-18 18:00 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-07 21:44 - 2023-02-18 18:00 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-07 13:47 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2024-06-05 21:15 - 2022-05-07 01:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-05 01:10 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-04 20:12 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-04 03:08 - 2019-04-02 23:10 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Microsoft\Office
2024-06-04 02:59 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2024-06-03 06:42 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-02 22:24 - 2021-10-07 09:41 - 000000000 ____D C:\Users\jhauk\AppData\Local\CrashDumps
2024-06-01 06:57 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2024-06-01 00:41 - 2019-04-08 06:46 - 041373696 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2024-06-01 00:20 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-05-29 06:52 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-22 14:03 - 2021-02-03 14:32 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-05-22 14:03 - 2019-03-18 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-15 15:46 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-15 15:37 - 2023-02-18 17:35 - 000852164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-15 15:29 - 2022-05-07 01:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-15 07:36 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-15 07:34 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-15 07:29 - 2019-03-19 06:00 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-15 03:36 - 2023-02-18 17:28 - 000543568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-15 03:32 - 2023-10-13 02:34 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-15 03:32 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-15 03:31 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-15 03:31 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-15 00:43 - 2023-02-18 17:33 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-12 21:29 - 2019-07-30 07:16 - 004664320 _____ C:\Users\jhauk\Documents\aukerman20190730.rmgc
==================== Files in the root of some directories ========
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07.06.2024
Ran by jhauk (08-06-2024 16:25:47)
Running from C:\Users\jhauk\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-02-18 22:01:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Amazon Amazon Music) (Version: 9.1.0.2339 - Amazon.com Services LLC)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.02 - Canon Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ActiveTouchMeetingClient) (Version: 43.1.0 - Cisco Webex LLC)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Update for Windows Universal (HKLM\...\{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}) (Version: 4.7.0 - Dell Inc.)
Discord (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.142 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 91.0.2.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM\...\{148D6ED8-24B8-443D-9C5B-5D6BF506671B}) (Version: 10.1.17903.8106 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® LMS (HKLM\...\{C6577DC3-0C37-48BF-817B-54941E2A9D5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{8A47F310-D3B6-4894-AE24-5E997B13999B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{D80FDFD4-0702-4950-A949-CC2AE3B36F23}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{434309ED-354E-460C-B241-0803232C7CC9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{6B487AA5-94E3-4B20-A1AF-2FA0CEA5BD13}) (Version: 17.5.9.1040 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.54.161 - Logitech)
Logitech Unifying Software 2.52 (HKLM\...\Logitech Unifying) (Version: 2.52.33 - Logitech)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{92418797-A53F-4B3E-A56A-F8B739B6F1FF}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B12E6B2E-1E47-4D58-A45E-AA92A5F8F8FD}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Movavi Video Editor Plus 2022 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Video Editor Plus 2022) (Version: 22.1.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 126.0.1 (x64 en-US)) (Version: 126.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera GX Stable 109.0.5097.108 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Opera GX 109.0.5097.108) (Version: 109.0.5097.108 - Opera Software)
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.5 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
Roblox Studio for jhauk (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\roblox-studio) (Version: - Roblox Corporation)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 10.40 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows 11 Installation Assistant (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Youtube Downloader HD v. 4.4.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-28] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-06-08] (INTEL CORP) [Startup Task]
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.14.1.0_x64__kgqvnymyfvs32 [2024-06-03] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2792.1.0_x64__kgqvnymyfvs32 [2024-06-06] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2024-05-15] (Canon Inc.)
Corel PaintShop Pro -> C:\Program Files\WindowsApps\CorelCorporation.PaintShopPro_25.2.60.0_x64__wbjqpk9xt50t4 [2023-08-24] (Corel Corporation)
Cut Video App -> C:\Program Files\WindowsApps\AnywaySoftInc.CutVideoApp_1.2.6.0_x64__0qkrc2qacwvfm [2024-05-15] (AnywaySoft, Inc.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.4.0_x64__htrsf667h5kn2 [2023-11-15] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Express Burn CD and DVD Burner -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_12.0.0.0_x86__7kedsbyvzns34 [2023-07-15] (NCH Software)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-11-13] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-09] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2024-05-15] (OverDrive Inc.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.333.43.0_x64__p3e1zgp7z7szg [2024-05-06] (Yellow Elephant Productions)
Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.15823.0_x86__mcezb6ze687jp [2024-02-27] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2024-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2024-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-06-08] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-06-08] (Microsoft Windows) [Startup Task]
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.8101.0_x64__8wekyb3d8bbwe [2024-04-30] (Microsoft Studios)
MuseScore 3 -> C:\Program Files\WindowsApps\64051MuseScoreBVBA.MuseScoreNotationSoftware_3.3.4.0_x64__pz631wrhsw9tj [2023-05-20] (MuseScore BVBA)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-06-08] (Dell Inc)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11050.29009.0_x64__8wekyb3d8bbwe [2024-06-03] (Microsoft Corporation) [Startup Task]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.25.0_x64__nfy108tqq3p12 [2024-05-25] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2024-05-15] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-12] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.628.388.0_x64__55nm5eh3cm0pr [2024-06-08] (Roblox Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.304.144.0_x64__p3e1zgp7z7szg [2024-06-07] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.38.127.0_x64__8she8kybcnzg4 [2024-05-24] (Slack Technologies Inc.) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-05-16] (Microsoft Corporation)
TW PLAYER -> C:\Program Files\WindowsApps\42731GoodMediaGroup.VidsTokforTwitchGamingLiveStre_1.1.45.0_x64__wzw6dymc89v9p [2024-06-08] (Good Media Group)
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Software -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_16.1.9.0_x86__7kedsbyvzns34 [2024-05-24] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2024-05-15] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2024-05-15] (Waves Audio)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.119.156.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corp.)
Windows CoPilot MSIX Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.CoPilot_724.1301.930.5_x64__cw5n1h2txyewy [2024-05-18] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-15] (Microsoft Windows)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2023-05-20] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2024-05-15] (邻动(北京)技术有限公司)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2021-06-27 16:45 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2021-06-27 16:45 - 2017-06-27 10:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2021-06-27 16:45 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2021-06-27 16:45 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2019-02-25 15:15 - 2019-02-25 15:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-07-12 06:56 - 2021-07-12 06:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2023 10 27 Railroad Escapes.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C3B4745A586F470C4B29567DA633CD3C"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C969EE14-DF4D-4FA1-B141-DD46589DE147}] => (Allow) LPort=34000
FirewallRules: [{219FADE3-AB6A-4BAF-8B7E-0A25FDD611A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Singing Monsters\MySingingMonsters.exe () [File not signed]
FirewallRules: [{57DA26D0-DFCD-4BA7-81CC-12FC7C00F7EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Singing Monsters\MySingingMonsters.exe () [File not signed]
FirewallRules: [{5BB1E956-7286-4823-ADC7-D7385777E5A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E7740F51-85DE-46F0-89E0-69FA4D4CE253}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A38BC89D-160E-4E61-B9B9-29402C038CE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A0FA5F6-58A4-4B03-97B2-B932FDF2539F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0EB6AD0E-517D-4501-B57A-D1F3C781128D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A17E8691-8314-4A4C-B51E-E8862B5E60BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF44B2B3-CF16-4D4B-AD98-044D5988633E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F77443A-2BBF-4DF0-B3F2-7713C3AF592F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C8BDF5C-688F-44CC-97D4-5D424F8C21C5}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (0D24FC62-2DEF-4425-A3E6-06E53F20567C -> OpenShot Studios, LLC)
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (0D24FC62-2DEF-4425-A3E6-06E53F20567C -> OpenShot Studios, LLC)
FirewallRules: [{036C20CF-D6E6-4B34-B413-9459073ED26F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{EFAE7FA9-91D4-4DA9-B435-B080634A4E28}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{E9FAE067-76E3-48EB-BAA1-F793EE97358A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{1E4F745B-2AA1-47F7-94B1-607B25D96ABD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5412F391-76E1-41DC-8B16-9A0060B74927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\Bugsnax.exe () [File not signed]
FirewallRules: [{7C85B502-8176-4E8E-9798-3FD04B354C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugsnax\Bugsnax.exe () [File not signed]
FirewallRules: [{6D8C6826-BEEC-4C59-BAA0-3EF31FDD3883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{49FAB286-DF18-4CCB-8BDF-E22A861E56E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{1F7F05D4-FE3B-4998-ABF0-CABC460EB11E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B2797910-A74D-4145-874E-FED4492A0B3A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D63A2C63-CD36-4C95-B4DD-B5A3B296F6A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{830505A3-C8FF-4F2E-802A-DA88F09F8754}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{738E9442-D22B-4DA3-990F-A6C729876A6E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5E921953-7657-468F-A1D8-4DA07413C841}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3E4D96EA-9BD5-4ABA-87E8-A117D2796F73}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3B0CFEB0-6B7F-4913-A1FA-4011B6AE0550}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F17C1045-054A-4FE6-8B8B-965B777CC577}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.38.127.0_x64__8she8kybcnzg4\app\Slack.exe (B25A2379-D5D0-455B-826A-BFFC7EBB5713 -> Slack Technologies Inc.)
FirewallRules: [{0E739A79-C06B-46D2-A79C-30DB4631F47F}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.38.127.0_x64__8she8kybcnzg4\app\Slack.exe (B25A2379-D5D0-455B-826A-BFFC7EBB5713 -> Slack Technologies Inc.)
FirewallRules: [{75CF0C66-5D30-4CA9-9386-6B9E83AA9689}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5D351202-D661-4C97-8714-6FC62F5F0FEA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24137.2402.2884.4157_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5255D8E-FB84-4916-A46D-7C4F009444D6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24137.2402.2884.4157_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CA0DCB7-C412-47F4-B1CD-B4E467EB0C15}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
08-06-2024 08:47:22 Windows Update
08-06-2024 08:47:22 Windows Update
08-06-2024 08:47:23 Windows Update
==================== Faulty Device Manager Devices ============
Name: Dell Data Vault Control Device
Description: Dell Data Vault Control Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Dell Technologies
Service: DDDriver
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/08/2024 07:55:50 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: pcdrsysinfosoftware.p5x, version: 6.0.7303.327, time stamp: 0x60e3eb9d
Faulting module name: ucrtbase.dll, version: 10.0.22621.3593, time stamp: 0x10c46e71
Exception code: 0xc0000409
Fault offset: 0x000000000007f6fe
Faulting process id: 0x0x1968
Faulting application start time: 0x0x1dab99ac80aba60
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfosoftware.p5x
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: e17a1ec4-989b-4e7e-8cbb-9351f3780b79
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2024 07:52:56 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-6JBP3L9)
Description: Faulting application name: Explorer.EXE, version: 10.0.22621.3527, time stamp: 0x00c8ba7a
Faulting module name: ucrtbase.dll, version: 10.0.22621.3593, time stamp: 0x10c46e71
Exception code: 0xc0000409
Fault offset: 0x000000000007f6fe
Faulting process id: 0x0x124c
Faulting application start time: 0x0x1dab99a244ae13f
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: a8853701-01d1-4a90-8adf-0e7394e440a6
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2024 07:50:53 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-6JBP3L9)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (06/08/2024 07:47:47 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: DESKTOP-6JBP3L9)
Description: Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.
DETAIL - Access is denied.
Error: (06/08/2024 07:47:47 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - Access is denied.
for C:\Users\TEMP.DESKTOP-6JBP3L9.000\ntuser.dat
Error: (06/08/2024 07:47:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-6JBP3L9)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (06/08/2024 07:47:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - Access is denied.
for C:\Users\TEMP.DESKTOP-6JBP3L9\ntuser.dat
Error: (06/08/2024 07:47:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - Access is denied.
for C:\Users\TEMP.DESKTOP-6JBP3L9\ntuser.dat
System errors:
=============
Error: (06/08/2024 08:00:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (06/08/2024 08:00:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DellWAL service failed to start due to the following error:
The system cannot find the file specified.
Error: (06/08/2024 07:55:50 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801} did not register with DCOM within the required timeout.
Error: (06/08/2024 07:55:24 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-6JBP3L9)
Description: Unable to start a DCOM Server: MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy!WindowsUdk.UI.Shell.Dashboard.DashboardExtension as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
Error: (06/08/2024 07:55:24 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-6JBP3L9)
Description: Unable to start a DCOM Server: MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy!WindowsUdk.UI.Shell.Dashboard.DashboardExtension as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
Error: (06/08/2024 07:55:24 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-6JBP3L9)
Description: Unable to start a DCOM Server: MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy!WindowsUdk.UI.Shell.Dashboard.DashboardExtension as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
Error: (06/08/2024 07:55:24 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-6JBP3L9)
Description: Unable to start a DCOM Server: MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy!WindowsUdk.UI.Shell.Dashboard.DashboardExtension as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
Error: (06/08/2024 07:55:22 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-6JBP3L9)
Description: Unable to start a DCOM Server: MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy!WindowsUdk.UI.Shell.Dashboard.DashboardExtension as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
Windows Defender:
================
Date: 2024-06-08 03:17:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-07 01:58:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-06 02:01:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-05 08:02:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-05 03:06:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-04-20 11:09:56
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-04-10 01:31:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.409.160.0;1.409.160.0
Engine Version: 1.1.24030.4
Date: 2024-03-01 02:16:49
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007042d
Error description: The service did not start due to a logon failure.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the device.
Date: 2023-12-31 00:20:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.1377.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-12-31 00:20:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.1377.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2023-11-16 01:48:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-29 07:18:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-05 07:04:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.21.0 12/03/2021
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 24390.97 MB
Available physical RAM: 17194.23 MB
Total Virtual: 25926.97 MB
Available Virtual: 17618.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:489.24 GB) (Model: ST1000DM010-2EP102) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:464.78 GB) (Model: ST1000DM010-2EP102) FAT32
\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.07 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)
Partition: GPT.
==================== End of Addition.txt =======================