Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pc Restarts on Shutdown


  • Please log in to reply

#1
ClearGreen

ClearGreen

    Member

  • Member
  • PipPip
  • 14 posts

Hi

 

Just recently my Pc has begun restarting after I try to shut it down.  At first it only happened occasionally, but now it happens every time I try to shut it down and I have to switch off the power to the Pc.

 

The only thing I can think that started occurring at about the same time is a blue screen coming up after I've clicked Shut Down saying that there is still an app running.  When this has happened in the dim and distant past I've always had time to click on Wait or Shut down.  This time the screen disappears so quickly I can't even see what the name of the app is.

 

That's about it.  Below are the contents of the .txt files as requested.

 

Kind regards

Paul

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025
Ran by Paul (administrator) on PC (Micro-Star International Co., Ltd. MS-7B89) (05-01-2025 15:36:18)
Running from C:\Users\Paul\Desktop\FRST64.exe
Loaded Profiles: Paul
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.290\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <43>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.9.6\bin\cmw_srv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-13] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdagentApp] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-13] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2756368 2023-08-09] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Paul\AppData\Local\WebEx\WebexHost.exe [7272032 2024-04-01] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [MicrosoftEdgeAutoLaunch_A4C619A52FD641FDF622FAB8D686879D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E1YATIBJE.EXE [484712 2021-11-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-2200 Series 64MonitorBE: C:\Windows\system32\E1YLMBBJE.DLL [237568 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-09] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-20] (Google LLC -> Google LLC)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\How do you practice your scaless.txt [2024-12-15] () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shopping List - Shortcut.lnk [2024-04-10]
ShortcutTarget: Shopping List - Shortcut.lnk -> C:\Users\Paul\Documents\Shopping List.txt () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trading Record - Shortcut.lnk [2023-04-16]
ShortcutTarget: Trading Record - Shortcut.lnk -> C:\Users\Paul\Desktop\Trading Record.ods () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weekend Jobs - Shortcut.lnk [2024-09-21]
ShortcutTarget: Weekend Jobs - Shortcut.lnk -> C:\Users\Paul\Desktop\Weekend Jobs.txt () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zFocus.png [2022-05-20] () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3A49606B-D2AC-479C-8706-96E2E5C4F03F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {800ED48C-2C77-4777-B04B-57D9E13B4109} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.290\WatchDog.exe [1156904 2024-11-20] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.290\repair
Task: {1469E9A9-E61F-4EC5-833A-3E4DC3936BD0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7658B18C-400C-4600-8EC3-631200BA9845} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b35de6a0-b0ac-4c31-8661-ee573150ae11" --version "6.31.11415" --silent
Task: {A2981FED-A1F2-4DB3-A42C-EE7435478D86} - System32\Tasks\CCleanerSkipUAC - Paul => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {A77E6A33-039F-4BC4-894B-DF2CD7515ED5} - System32\Tasks\EPSON XP-2200 Series Update {0D9DFF8A-49C0-411E-86B1-088BC1D0D91E} => C:\Windows\System32\spool\drivers\x64\3\E1YTSBJE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {01B5839F-434E-4284-B97C-D221E10F9F04} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{44EFD25D-BA25-443B-90E7-6E424404615B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\EPSON XP-2200 Series Update {0D9DFF8A-49C0-411E-86B1-088BC1D0D91E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E1YTSBJE.EXE:/EXE:{0D9DFF8A-49C0-411E-86B1-088BC1D0D91E} /F:UpdateWORKGROUP\DESKTOP-VR0LFER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 04 C:\Windows\SysWOW64\wshbth.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 05 C:\Windows\SysWOW64\NLAapi.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 04 C:\Windows\system32\wshbth.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 05 C:\Windows\system32\NLAapi.dll [0 2024-03-13] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 06 C:\Windows\System32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 07 C:\Windows\System32\winrnr.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 14 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18365fca-403b-4752-a8c2-0dc032073b75}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3a60f4d1-e2a9-4d23-ad7c-a43fab8f0ee6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}\14E64627F69646140523540314: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}\821405139202338302D4F6F6270225F61646: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-07-28]
Edge Extension: (Google Docs Offline) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-17]
Edge Extension: (Edge relevant text changes) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
 
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Systems Inc.) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default [2025-01-05]
CHR DownloadDir: C:\Users\Paul\Desktop
CHR Notifications: Default -> hxxps://community.mymensa.mensa.org.uk
CHR HomePage: Default -> hxxp://www.virginmedia.com/
CHR StartupUrls: Default -> "hxxps://www.metoffice.gov.uk/weather/forecast/u10g8x4vg#?date=2024-07-20","hxxps://calendar.google.com/calendar/u/0/r","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.forexfactory.com/calendar"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-18]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-12-10]
CHR Extension: (Dashlane — Password Manager) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2024-12-24]
CHR Extension: (Google Docs Offline) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-18]
CHR Extension: (Cisco Webex Extension) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-22]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2024-07-19]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2024-06-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2022-07-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 hshld_12.9.6; C:\Program Files (x86)\Hotspot Shield\12.9.6\bin\cmw_srv.exe [259592 2024-12-12] (Pango LLC -> Pango Inc.)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [714200 2024-11-20] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Paul\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [7505856 2024-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\Windows\system32\DRIVERS\bddci4.sys [969664 2024-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [42432 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1490896 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hsstap; C:\Windows\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
S3 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [849968 2024-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [89088 2024-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [629184 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49664 2022-07-13] (Microsoft Corporation) [File not signed]
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [1403456 2024-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-05 15:36 - 2025-01-05 15:36 - 000028079 _____ C:\Users\Paul\Desktop\FRST.txt
2025-01-05 15:35 - 2025-01-05 15:36 - 000000000 ____D C:\FRST
2025-01-05 15:34 - 2025-01-05 15:34 - 002403840 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2025-01-05 12:35 - 2025-01-05 12:40 - 000000000 ____D C:\Users\Paul\Desktop\Tregembo
2025-01-04 14:57 - 2025-01-04 16:48 - 000014895 _____ C:\Users\Paul\Desktop\Carb Cycling.ods
2025-01-04 14:54 - 2025-01-04 16:48 - 000000037 _____ C:\Users\Paul\Desktop\Jobs.txt
2025-01-04 14:50 - 2025-01-04 14:50 - 000000671 _____ C:\Users\Paul\Desktop\TGIF.txt
2024-12-28 14:33 - 2024-12-28 14:33 - 000000108 _____ C:\Users\Paul\Desktop\How to fold a Pop-up Sauna.txt
2024-12-21 09:55 - 2024-12-21 09:55 - 000000851 _____ C:\Users\Paul\Desktop\Turkey drumsticks.txt
2024-12-21 08:28 - 2024-12-21 08:28 - 000390631 _____ C:\Users\Paul\Desktop\21 December 2024.pdf
2024-12-20 05:23 - 2024-12-20 05:23 - 000001242 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2024-12-20 05:22 - 2024-12-20 05:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2024-12-20 05:22 - 2024-12-20 05:22 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2024-12-19 07:24 - 2024-12-19 07:24 - 000000000 _____ C:\Users\Paul\Desktop\Windows key + V.txt
2024-12-18 06:32 - 2024-12-18 06:32 - 000198010 _____ C:\Users\Paul\Desktop\UWBill122024.pdf
2024-12-17 18:47 - 2024-12-17 18:47 - 000001693 _____ C:\Users\Paul\Desktop\Carrot, Parsnip, and Potato Latkes.txt
2024-12-17 18:45 - 2024-12-17 18:45 - 000001988 _____ C:\Users\Paul\Desktop\Peanut Butter Shortbread.txt
2024-12-16 07:11 - 2024-12-16 07:11 - 000016454 _____ C:\Users\Paul\Desktop\calendar.pdf
2024-12-16 07:01 - 2024-12-16 07:01 - 000016454 _____ C:\Users\Paul\Desktop\Rubbish Collections.pdf
2024-12-11 07:14 - 2024-12-11 07:14 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-11 07:13 - 2024-12-11 07:13 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 06:21 - 2024-12-11 06:21 - 000000000 ___HD C:\$WinREAgent
2024-12-09 06:37 - 2024-12-09 06:37 - 002493878 _____ C:\Users\Paul\Desktop\7 Things We Wish Someone Had Told Us Before We Started Trading.mhtml
2024-12-09 06:32 - 2024-12-09 06:32 - 001485512 _____ C:\Users\Paul\Desktop\FX Market Reactions to Events_ “Millisecond Data Helps Traders Capture 90% of Movements”.mhtml
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-05 14:55 - 2021-11-11 20:33 - 000795742 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-05 14:55 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2025-01-05 14:49 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-05 14:48 - 2021-11-11 20:32 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-05 14:48 - 2021-11-11 20:25 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-05 14:48 - 2021-11-11 20:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-05 14:48 - 2021-11-11 20:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-05 13:55 - 2019-12-07 09:03 - 000131072 _____ C:\Windows\system32\config\ELAM
2025-01-05 13:49 - 2024-11-15 14:58 - 000311337 _____ C:\Users\Paul\Desktop\Trading Record.ods
2025-01-05 08:28 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-05 08:28 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-05 08:08 - 2024-09-15 09:27 - 000000326 _____ C:\Users\Paul\Desktop\Weekend Jobs.txt
2025-01-04 16:57 - 2021-11-11 20:33 - 000000000 ____D C:\Users\Paul
2025-01-04 09:24 - 2021-12-10 15:21 - 000003542 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-01-03 07:10 - 2021-11-12 17:54 - 000000000 ____D C:\Users\Paul\.oanda
2025-01-03 05:25 - 2021-11-12 17:19 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-12-29 07:24 - 2024-11-29 07:59 - 000000000 ____D C:\Users\Paul\Desktop\TMS Pay
2024-12-29 06:40 - 2023-01-17 19:12 - 000000000 ____D C:\Users\Paul\Desktop\TMS
2024-12-28 14:11 - 2021-11-12 17:26 - 000000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2024-12-24 18:42 - 2023-02-08 05:08 - 000000000 ____D C:\Users\Paul\Desktop\Moos Folder
2024-12-21 10:31 - 2022-09-30 07:42 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-12-21 10:30 - 2021-12-15 15:05 - 000000000 ____D C:\Windows\SystemTemp
2024-12-21 10:30 - 2021-11-12 17:19 - 000000000 ____D C:\Program Files\CCleaner
2024-12-21 06:00 - 2021-11-11 20:25 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-20 18:55 - 2021-11-11 20:25 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-20 18:55 - 2021-11-11 20:25 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-20 06:42 - 2021-11-19 10:48 - 000017220 _____ C:\Users\Paul\Desktop\Payments Out.ods
2024-12-20 05:23 - 2024-09-14 05:52 - 000000000 ____D C:\ProgramData\Hotspot Shield
2024-12-20 05:22 - 2021-11-18 17:44 - 000000000 ____D C:\ProgramData\Package Cache
2024-12-20 05:22 - 2021-11-11 21:15 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-17 19:42 - 2023-02-26 15:11 - 000000000 ____D C:\Program Files\FTMO MetaTrader 5
2024-12-17 06:39 - 2021-11-11 20:34 - 000000000 ____D C:\Users\Paul\AppData\Local\Packages
2024-12-17 06:37 - 2021-12-12 18:24 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1357561984-4161033644-3417195034-1001
2024-12-17 06:37 - 2021-11-11 20:35 - 000003352 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1357561984-4161033644-3417195034-1001
2024-12-17 06:37 - 2021-11-11 20:33 - 000002380 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-16 19:03 - 2024-10-02 12:27 - 000000000 ____D C:\Users\Paul\AppData\Local\CrashDumps
2024-12-16 19:03 - 2023-02-04 12:12 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-12-16 19:03 - 2022-09-30 07:42 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-12-15 14:23 - 2024-04-10 04:51 - 000000364 _____ C:\Users\Paul\Documents\Shopping List.txt
2024-12-13 06:38 - 2022-10-13 20:59 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-11 19:48 - 2021-11-11 20:25 - 000296680 _____ C:\Windows\system32\FNTCACHE.DAT
2024-12-11 19:47 - 2019-12-07 09:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-12-11 19:46 - 2024-07-10 09:28 - 000000000 ____D C:\Windows\system32\compatrel
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellComponents
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2024-12-11 18:57 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2024-12-11 07:13 - 2021-11-11 20:29 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Paul (05-01-2025 15:37:27)
Running from C:\Users\Paul\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) (2021-11-11 20:27:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1357561984-4161033644-3417195034-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1357561984-4161033644-3417195034-503 - Limited - Disabled)
Guest (S-1-5-21-1357561984-4161033644-3417195034-501 - Limited - Disabled)
Paul (S-1-5-21-1357561984-4161033644-3417195034-1001 - Administrator - Enabled) => C:\Users\Paul
WDAGUtilityAccount (S-1-5-21-1357561984-4161033644-3417195034-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Amazon Kindle) (Version: 1.39.1.65323 - Amazon)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.290 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 26.0.32.109 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.31 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\ActiveTouchMeetingClient) (Version: 42.8.4 - Cisco Webex LLC)
Epson Event Manager (HKLM-x32\...\{067039C9-A41C-42F5-9571-B06E0700AAA4}) (Version: 3.11.77 - Seiko Epson Corporation)
Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{1E900386-22F3-43A8-8121-81C5A5512A0C}) (Version: 3.7.3.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{1A1B60BB-F156-4F6D-AD79-8A096B67E9AB}) (Version: 3.7.10 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EPSON XP-2200 Series Printer Uninstall (HKLM\...\EPSON XP-2200 Series) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
FTMO MetaTrader 4 (HKLM-x32\...\FTMO MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
FTMO MetaTrader 5 (HKLM\...\FTMO MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
FXCM MetaTrader4 (HKLM-x32\...\FXCM MetaTrader4) (Version: 4.00 - MetaQuotes Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 101.0.3.0 - Google LLC)
Hotspot Shield 12.9.6 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-492511B712F8}) (Version: 12.9.6.12245 - Pango Inc.) Hidden
Hotspot Shield 12.9.6 (HKLM-x32\...\HotspotShield) (Version: 12.9.6 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{8C497266-8C62-4A79-AA01-763DA804E8C7}) (Version: 19.50.0.0945 - Intel Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.3.6 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - Seiko Epson Corporation)
NVIDIA Graphics Driver 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
OANDA Desktop (HKLM-x32\...\{BE91B0FB-1165-4248-BB64-A75205450D1F}) (Version: 5.0.2 - OANDA)
OpenOffice 4.1.15 (HKLM-x32\...\{82A24788-8CDB-49B9-AA92-6C357E2F8D40}) (Version: 4.115.9813 - Apache Software Foundation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TechSmith Capture (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\RelayRecorder) (Version: 2.1.4 - TechSmith Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom Workplace (64-bit) (HKLM\...\{78A47191-A0AD-4F93-8DF9-F2E5DCDEB418}) (Version: 6.2.47507 - Zoom)
 
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] ()
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa [2024-10-25] (Apple Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-27] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-31] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.171.0_x64__pwbj9vvecjh7j [2025-01-03] (Amazon Development Centre (London) Ltd)
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.9.4.6649_x64__n534cwy3pjxzj [2024-12-12] (TradingView, Inc.) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-20] (WhatsApp Inc.) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1357561984-4161033644-3417195034-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\Paul\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1357561984-4161033644-3417195034-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\nvshext.dll [2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Paul\My Drive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
 
==================== Loaded Modules (Whitelisted) =============
 
2021-11-19 19:11 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBRFE.DLL
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Paul\Desktop\FRST64.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2024-12-13] (Bitdefender SRL -> Bitdefender)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll => No File
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2024-12-13] (Bitdefender SRL -> Bitdefender)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
WiFi: Intel® Dual Band Wireless-AC 7265 -> Netwtw04.sys
Ethernet 2: Realtek PCIe GbE Family Controller #2 -> rt640x64.sys
HotspotShield Network Adapter: HotspotShield TAP-Windows Adapter V9 -> hsstap.sys
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A4C619A52FD641FDF622FAB8D686879D"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "EPSDNMON"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{9FC518C8-E636-4E9A-B451-23361BB45443}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{AD439D60-7660-4378-838C-F997DAACF74E}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{8BFB03A1-CF34-49CA-BD11-FCC78F769B2D}] => (Allow) C:\Users\Paul\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{5B45D9EF-AC52-42EF-8A6F-6A67A2B7B886}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{0EF0A148-B0E0-46C7-A8A7-4C7B994F6D23}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{9126DA9E-467D-4824-AA62-72627051AF52}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{EFA319F7-5FDC-45BC-8FBC-5A01AD87F572}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{357E694A-3CBC-4F7A-A7D8-CD54FEAD7EC1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{6A7D9EA9-DB71-4A9E-988F-69D0C9EE6E30}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{96E19EED-738F-4A11-9F0D-43EC5328452C}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5CF4FD41-C92E-4A80-A627-8E812AC2332D}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BD4939EE-0B58-4ED9-B7E0-8C3A193CE12D}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8F3172D0-188D-4490-9714-93664B93608C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FA636920-DA7D-48E5-A433-7BA7F7818D47}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{448A28A9-0545-46E8-B5F7-91B4E0BDD644}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8B6247D9-726C-4141-A726-840CB9B7423B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{52A40D29-B39E-4E53-8BF4-565B97B84950}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DC61B80B-CDDE-4724-8555-6A053FFA363B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E00ED792-E39F-4489-9220-74C187E30D89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6A467FFD-1898-4482-B666-5AABA2DB05B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C2D73D66-1042-4618-8EC3-6D4850C4C33D}] => (Allow) C:\Program Files\FTMO MetaTrader 5\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{A80BBA97-DA58-47E9-842F-1E046129D27F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{962C267A-05B5-48EE-B1BB-2633412CF18B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AADEE35-7335-41C6-BC2D-F74A2B1EA599}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12DD8E3E-6D76-4648-9775-3445AC1C255C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52E70027-CFEA-46FE-9A89-A9A05C5BEA36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32508CEB-D9FF-4597-A1D7-5FABB89A31B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
18-12-2024 19:43:02 Scheduled Checkpoint
27-12-2024 06:05:09 Scheduled Checkpoint
05-01-2025 09:00:22 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/03/2025 06:20:36 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 
Error: (12/31/2024 05:52:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 
Error: (12/30/2024 05:50:43 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 
Error: (12/28/2024 02:12:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 16e8
 
Start Time: 01db5930efee2a9f
 
Termination Time: 15
 
Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
 
Report Id: ae34c2c3-71b7-420d-b4ec-fdaa0e3e5272
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
Error: (12/28/2024 01:58:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.5247 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1dd0
 
Start Time: 01db592f235501f8
 
Termination Time: 337
 
Application Path: C:\Windows\explorer.exe
 
Report Id: c96b33e1-3176-4e7c-9b64-1c07935b1e23
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Cross-thread
 
Error: (12/20/2024 05:23:00 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe-2147023878
 
Error: (12/19/2024 06:29:49 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 
Error: (12/18/2024 07:24:57 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
 
 
System errors:
=============
Error: (01/05/2025 02:50:33 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931
 
Error: (01/05/2025 02:48:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:02:13 on ‎05/‎01/‎2025 was unexpected.
 
Error: (01/05/2025 02:02:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:00:25 on ‎05/‎01/‎2025 was unexpected.
 
Error: (01/05/2025 02:02:06 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225595A fatal error occurred processing the restoration data.
 
Error: (01/05/2025 02:00:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:57:43 on ‎05/‎01/‎2025 was unexpected.
 
Error: (01/05/2025 01:57:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:56:13 on ‎05/‎01/‎2025 was unexpected.
 
Error: (01/05/2025 01:57:33 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225595A fatal error occurred processing the restoration data.
 
Error: (01/05/2025 01:56:03 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225595A fatal error occurred processing the restoration data.
 
 
Windows Defender:
================Event[0]:
 
Date: 2023-01-17 14:53:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2023-01-17 14:53:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2023-01-17 14:53:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2023-01-17 14:53:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2023-01-17 14:53:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.303.25.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16400.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
CodeIntegrity:
===============
Date: 2025-01-05 14:50:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267085317237112912\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 2.B0 11/30/2020
Motherboard: Micro-Star International Co., Ltd. B450M MORTAR MAX (MS-7B89)
Processor: AMD Ryzen 5 1600 Six-Core Processor 
Percentage of memory in use: 74%
Total physical RAM: 8117.74 MB
Available physical RAM: 2098.79 MB
Total Virtual: 11317.74 MB
Available Virtual: 2955.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.46 GB) (Free:66.22 GB) (Model: WDC WDS240G2G0B-00EPW0) NTFS
 
\\?\Volume{5883be86-da96-4d54-9bc9-5fe116bd42c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 5E539B50)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
 
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

It looks like your PC might be crashing on shutdown since the event viewer reports

 

The previous system shutdown at 13:56:13 on ‎05/‎01/‎2025 was unexpected.

 

 

 

 

You can turn off Automatic Restart which might give you more details:

 

Settings, System, About then over on the right side click on Advanced System Settings.

 

This will bring up a new window,  Under Startup and Recovery, click on Settings and it should bring up another 

new window.  

 

Under System Failure:

check Write an event to the system log

UNCHECK: Automatically Restart

 

Under Write Debugging Information

it should say:

Small Memory Dump (256KB)

 

OK

OK

 

 

You have a couple of other problems - don't know if they are related but let's address them:

 

:Description: 3221225595A fatal error occurred processing the restoration data.

 

 

 

This is probably a hibernate error.  Try turning off hibernate:

 

Open am Admin Command Prompt ( Search for cmd but don't hit enter.  It should find Command Prompt.  Right click on it and Run As Admin.)

 

Type:

powercfg.exe  /hibernate off

Hit Enter.  (Note to save typing and prevent errors it's best to copy the command (highlight the command then Ctrl + c) then move to the Command Prompt and right click)

 

Now type:

dir  /a  \hiberfil.sys

Enter.

 

It should normally show 

File Not Found

If it finds a file then delete it with:

del  /h  \hiberfil.sys

I would leave it off for a while.  To turn it back on you open an Admin Command Prompt again and type:

powercfg.exe /hibernate on

Finally and rather strange is the large number of zero byte files in your Winsock: Catalog5.

 

Not sure how you are able to get on line without them.  :

 

In the Admin Command Prompt type:

DISM  /Online  /Cleanup-Image  /RestoreHealth

Hit Enter.  Usually takes about 15 minutes but can be longer.  Be patient.

 

When that finishes, type:

SFC  /scannow

Enter.  Should take about 10 minutes.  When it finishes it will tell you if it found any bad files and was able to fix them.  If it says it couldn't fix them let me know.

 

Now let's clear all of the events and reboot.

 

Type:  

FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

Enter.

 

Now close all windows and reboot.

 

Do you get a blue screen?  What does it say?

 

Once it restarts, rerun FRST as before and post both logs.


  • 0

#3
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025
Ran by Paul (administrator) on PC (Micro-Star International Co., Ltd. MS-7B89) (06-01-2025 07:15:02)
Running from C:\Users\Paul\Desktop\FRST64.exe
Loaded Profiles: Paul
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.290\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe <6>
(Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11120.5010.0_x64__8wekyb3d8bbwe\Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.9.6\bin\cmw_srv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Paul\AppData\Local\Microsoft\OneDrive\24.226.1110.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5071_none_7e3c4e707c6a2679\TiWorker.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-13] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdagentApp] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-13] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2756368 2023-08-09] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Paul\AppData\Local\WebEx\WebexHost.exe [7272032 2024-04-01] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [MicrosoftEdgeAutoLaunch_A4C619A52FD641FDF622FAB8D686879D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E1YATIBJE.EXE [484712 2021-11-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-2200 Series 64MonitorBE: C:\Windows\system32\E1YLMBBJE.DLL [237568 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-09] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-20] (Google LLC -> Google LLC)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\How do you practice your scaless.txt [2024-12-15] () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shopping List - Shortcut.lnk [2024-04-10]
ShortcutTarget: Shopping List - Shortcut.lnk -> C:\Users\Paul\Documents\Shopping List.txt () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trading Record - Shortcut.lnk [2023-04-16]
ShortcutTarget: Trading Record - Shortcut.lnk -> C:\Users\Paul\Desktop\Trading Record.ods () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weekend Jobs - Shortcut.lnk [2024-09-21]
ShortcutTarget: Weekend Jobs - Shortcut.lnk -> C:\Users\Paul\Desktop\Weekend Jobs.txt () [File not signed]
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zFocus.png [2022-05-20] () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3A49606B-D2AC-479C-8706-96E2E5C4F03F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {800ED48C-2C77-4777-B04B-57D9E13B4109} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.290\WatchDog.exe [1156904 2024-11-20] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.290\repair
Task: {1469E9A9-E61F-4EC5-833A-3E4DC3936BD0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7658B18C-400C-4600-8EC3-631200BA9845} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b35de6a0-b0ac-4c31-8661-ee573150ae11" --version "6.31.11415" --silent
Task: {A2981FED-A1F2-4DB3-A42C-EE7435478D86} - System32\Tasks\CCleanerSkipUAC - Paul => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {A77E6A33-039F-4BC4-894B-DF2CD7515ED5} - System32\Tasks\EPSON XP-2200 Series Update {0D9DFF8A-49C0-411E-86B1-088BC1D0D91E} => C:\Windows\System32\spool\drivers\x64\3\E1YTSBJE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {01B5839F-434E-4284-B97C-D221E10F9F04} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{44EFD25D-BA25-443B-90E7-6E424404615B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\EPSON XP-2200 Series Update {0D9DFF8A-49C0-411E-86B1-088BC1D0D91E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E1YTSBJE.EXE:/EXE:{0D9DFF8A-49C0-411E-86B1-088BC1D0D91E} /F:UpdateWORKGROUP\DESKTOP-VR0LFER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 04 C:\Windows\SysWOW64\wshbth.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 05 C:\Windows\SysWOW64\NLAapi.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 04 C:\Windows\system32\wshbth.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 05 C:\Windows\system32\NLAapi.dll [0 2024-03-13] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 06 C:\Windows\System32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog5-x64 07 C:\Windows\System32\winrnr.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 12 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 13 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Winsock: Catalog9-x64 14 C:\Windows\system32\mswsock.dll [0 2023-11-15] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18365fca-403b-4752-a8c2-0dc032073b75}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3a60f4d1-e2a9-4d23-ad7c-a43fab8f0ee6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}\14E64627F69646140523540314: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{b7a94f67-f047-4b0a-bafd-77eca18e84b3}\821405139202338302D4F6F6270225F61646: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-06]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-07-28]
Edge Extension: (Google Docs Offline) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-17]
Edge Extension: (Edge relevant text changes) - C:\Users\Paul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
 
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Systems Inc.) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN) <==== ATTENTION [zero byte File/Folder]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default [2025-01-06]
CHR DownloadDir: C:\Users\Paul\Desktop
CHR Notifications: Default -> hxxps://community.mymensa.mensa.org.uk
CHR HomePage: Default -> hxxp://www.virginmedia.com/
CHR StartupUrls: Default -> "hxxps://www.metoffice.gov.uk/weather/forecast/u10g8x4vg#?date=2024-07-20","hxxps://calendar.google.com/calendar/u/0/r","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.forexfactory.com/calendar"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-18]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-12-10]
CHR Extension: (Dashlane — Password Manager) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2024-12-24]
CHR Extension: (Google Docs Offline) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-18]
CHR Extension: (Cisco Webex Extension) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-22]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2024-07-19]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2024-06-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
S2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2022-07-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 hshld_12.9.6; C:\Program Files (x86)\Hotspot Shield\12.9.6\bin\cmw_srv.exe [259592 2024-12-12] (Pango LLC -> Pango Inc.)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [714200 2024-11-20] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-12-13] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Paul\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [7505856 2024-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\Windows\system32\DRIVERS\bddci4.sys [969664 2024-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [42432 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1490896 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hsstap; C:\Windows\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
S3 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [849968 2024-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [89088 2024-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [629184 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49664 2022-07-13] (Microsoft Corporation) [File not signed]
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [1403456 2024-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-06 07:15 - 2025-01-06 07:15 - 000028405 _____ C:\Users\Paul\Desktop\FRST.txt
2025-01-05 15:50 - 2025-01-05 15:50 - 000000000 ____D C:\Users\Paul\Desktop\Geeks
2025-01-05 15:35 - 2025-01-06 07:15 - 000000000 ____D C:\FRST
2025-01-05 15:34 - 2025-01-05 15:34 - 002403840 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2025-01-05 12:35 - 2025-01-05 12:40 - 000000000 ____D C:\Users\Paul\Desktop\Tregembo
2025-01-04 14:57 - 2025-01-04 16:48 - 000014895 _____ C:\Users\Paul\Desktop\Carb Cycling.ods
2025-01-04 14:54 - 2025-01-04 16:48 - 000000037 _____ C:\Users\Paul\Desktop\Jobs.txt
2025-01-04 14:50 - 2025-01-04 14:50 - 000000671 _____ C:\Users\Paul\Desktop\TGIF.txt
2024-12-28 14:33 - 2024-12-28 14:33 - 000000108 _____ C:\Users\Paul\Desktop\How to fold a Pop-up Sauna.txt
2024-12-21 09:55 - 2024-12-21 09:55 - 000000851 _____ C:\Users\Paul\Desktop\Turkey drumsticks.txt
2024-12-21 08:28 - 2024-12-21 08:28 - 000390631 _____ C:\Users\Paul\Desktop\21 December 2024.pdf
2024-12-20 05:23 - 2024-12-20 05:23 - 000001242 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2024-12-20 05:22 - 2024-12-20 05:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2024-12-20 05:22 - 2024-12-20 05:22 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2024-12-19 07:24 - 2024-12-19 07:24 - 000000000 _____ C:\Users\Paul\Desktop\Windows key + V.txt
2024-12-18 06:32 - 2024-12-18 06:32 - 000198010 _____ C:\Users\Paul\Desktop\UWBill122024.pdf
2024-12-17 18:47 - 2024-12-17 18:47 - 000001693 _____ C:\Users\Paul\Desktop\Carrot, Parsnip, and Potato Latkes.txt
2024-12-17 18:45 - 2024-12-17 18:45 - 000001988 _____ C:\Users\Paul\Desktop\Peanut Butter Shortbread.txt
2024-12-16 07:11 - 2024-12-16 07:11 - 000016454 _____ C:\Users\Paul\Desktop\calendar.pdf
2024-12-16 07:01 - 2024-12-16 07:01 - 000016454 _____ C:\Users\Paul\Desktop\Rubbish Collections.pdf
2024-12-11 07:14 - 2024-12-11 07:14 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-11 07:13 - 2024-12-11 07:13 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 06:21 - 2024-12-11 06:21 - 000000000 ___HD C:\$WinREAgent
2024-12-09 06:37 - 2024-12-09 06:37 - 002493878 _____ C:\Users\Paul\Desktop\7 Things We Wish Someone Had Told Us Before We Started Trading.mhtml
2024-12-09 06:32 - 2024-12-09 06:32 - 001485512 _____ C:\Users\Paul\Desktop\FX Market Reactions to Events_ “Millisecond Data Helps Traders Capture 90% of Movements”.mhtml
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-06 07:14 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-06 07:13 - 2021-11-11 20:32 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-06 07:13 - 2021-11-11 20:25 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-06 07:13 - 2021-11-11 20:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-06 07:13 - 2019-12-07 09:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-06 07:09 - 2021-11-11 20:33 - 000000000 ____D C:\Users\Paul
2025-01-06 07:05 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-06 06:51 - 2021-11-12 17:54 - 000000000 ____D C:\Users\Paul\.oanda
2025-01-06 06:51 - 2021-11-11 20:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-06 05:32 - 2021-11-11 20:33 - 000795742 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-06 05:32 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2025-01-06 05:29 - 2024-11-15 14:58 - 000312636 _____ C:\Users\Paul\Desktop\Trading Record.ods
2025-01-05 13:55 - 2019-12-07 09:03 - 000131072 _____ C:\Windows\system32\config\ELAM
2025-01-05 08:28 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-05 08:28 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-05 08:08 - 2024-09-15 09:27 - 000000326 _____ C:\Users\Paul\Desktop\Weekend Jobs.txt
2025-01-04 09:24 - 2021-12-10 15:21 - 000003542 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-01-03 05:25 - 2021-11-12 17:19 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-12-29 07:24 - 2024-11-29 07:59 - 000000000 ____D C:\Users\Paul\Desktop\TMS Pay
2024-12-29 06:40 - 2023-01-17 19:12 - 000000000 ____D C:\Users\Paul\Desktop\TMS
2024-12-28 14:11 - 2021-11-12 17:26 - 000000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2024-12-24 18:42 - 2023-02-08 05:08 - 000000000 ____D C:\Users\Paul\Desktop\Moos Folder
2024-12-21 10:31 - 2022-09-30 07:42 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-12-21 10:30 - 2021-12-15 15:05 - 000000000 ____D C:\Windows\SystemTemp
2024-12-21 10:30 - 2021-11-12 17:19 - 000000000 ____D C:\Program Files\CCleaner
2024-12-21 06:00 - 2021-11-11 20:25 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-20 18:55 - 2021-11-11 20:25 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-20 18:55 - 2021-11-11 20:25 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-20 06:42 - 2021-11-19 10:48 - 000017220 _____ C:\Users\Paul\Desktop\Payments Out.ods
2024-12-20 05:23 - 2024-09-14 05:52 - 000000000 ____D C:\ProgramData\Hotspot Shield
2024-12-20 05:22 - 2021-11-18 17:44 - 000000000 ____D C:\ProgramData\Package Cache
2024-12-20 05:22 - 2021-11-11 21:15 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-17 19:42 - 2023-02-26 15:11 - 000000000 ____D C:\Program Files\FTMO MetaTrader 5
2024-12-17 06:39 - 2021-11-11 20:34 - 000000000 ____D C:\Users\Paul\AppData\Local\Packages
2024-12-17 06:37 - 2021-12-12 18:24 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1357561984-4161033644-3417195034-1001
2024-12-17 06:37 - 2021-11-11 20:35 - 000003352 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1357561984-4161033644-3417195034-1001
2024-12-17 06:37 - 2021-11-11 20:33 - 000002380 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-16 19:03 - 2024-10-02 12:27 - 000000000 ____D C:\Users\Paul\AppData\Local\CrashDumps
2024-12-16 19:03 - 2023-02-04 12:12 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-12-16 19:03 - 2022-09-30 07:42 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-12-15 14:23 - 2024-04-10 04:51 - 000000364 _____ C:\Users\Paul\Documents\Shopping List.txt
2024-12-13 06:38 - 2022-10-13 20:59 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-11 19:48 - 2021-11-11 20:25 - 000296680 _____ C:\Windows\system32\FNTCACHE.DAT
2024-12-11 19:46 - 2024-07-10 09:28 - 000000000 ____D C:\Windows\system32\compatrel
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellComponents
2024-12-11 19:46 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2024-12-11 07:13 - 2021-11-11 20:29 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Paul (06-01-2025 07:16:09)
Running from C:\Users\Paul\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) (2021-11-11 20:27:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1357561984-4161033644-3417195034-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1357561984-4161033644-3417195034-503 - Limited - Disabled)
Guest (S-1-5-21-1357561984-4161033644-3417195034-501 - Limited - Disabled)
Paul (S-1-5-21-1357561984-4161033644-3417195034-1001 - Administrator - Enabled) => C:\Users\Paul
WDAGUtilityAccount (S-1-5-21-1357561984-4161033644-3417195034-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\Amazon Kindle) (Version: 1.39.1.65323 - Amazon)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.290 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 26.0.32.109 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.31 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\ActiveTouchMeetingClient) (Version: 42.8.4 - Cisco Webex LLC)
Epson Event Manager (HKLM-x32\...\{067039C9-A41C-42F5-9571-B06E0700AAA4}) (Version: 3.11.77 - Seiko Epson Corporation)
Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{1E900386-22F3-43A8-8121-81C5A5512A0C}) (Version: 3.7.3.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{1A1B60BB-F156-4F6D-AD79-8A096B67E9AB}) (Version: 3.7.10 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EPSON XP-2200 Series Printer Uninstall (HKLM\...\EPSON XP-2200 Series) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
FTMO MetaTrader 4 (HKLM-x32\...\FTMO MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
FTMO MetaTrader 5 (HKLM\...\FTMO MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
FXCM MetaTrader4 (HKLM-x32\...\FXCM MetaTrader4) (Version: 4.00 - MetaQuotes Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 101.0.3.0 - Google LLC)
Hotspot Shield 12.9.6 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-492511B712F8}) (Version: 12.9.6.12245 - Pango Inc.) Hidden
Hotspot Shield 12.9.6 (HKLM-x32\...\HotspotShield) (Version: 12.9.6 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{8C497266-8C62-4A79-AA01-763DA804E8C7}) (Version: 19.50.0.0945 - Intel Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.3.6 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - Seiko Epson Corporation)
NVIDIA Graphics Driver 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
OANDA Desktop (HKLM-x32\...\{BE91B0FB-1165-4248-BB64-A75205450D1F}) (Version: 5.0.2 - OANDA)
OpenOffice 4.1.15 (HKLM-x32\...\{82A24788-8CDB-49B9-AA92-6C357E2F8D40}) (Version: 4.115.9813 - Apache Software Foundation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TechSmith Capture (HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\RelayRecorder) (Version: 2.1.4 - TechSmith Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom Workplace (64-bit) (HKLM\...\{78A47191-A0AD-4F93-8DF9-F2E5DCDEB418}) (Version: 6.2.47507 - Zoom)
 
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] ()
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa [2024-10-25] (Apple Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-27] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-31] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.171.0_x64__pwbj9vvecjh7j [2025-01-03] (Amazon Development Centre (London) Ltd)
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.9.4.6649_x64__n534cwy3pjxzj [2024-12-12] (TradingView, Inc.) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-20] (WhatsApp Inc.) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1357561984-4161033644-3417195034-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\Paul\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1357561984-4161033644-3417195034-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_075e0a1c13484a5c\nvshext.dll [2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Paul\My Drive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
 
==================== Loaded Modules (Whitelisted) =============
 
2021-11-19 19:11 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBRFE.DLL
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Paul\Desktop\FRST64.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2024-12-13] (Bitdefender SRL -> Bitdefender)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll => No File
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2024-12-13] (Bitdefender SRL -> Bitdefender)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
WiFi: Intel® Dual Band Wireless-AC 7265 -> Netwtw04.sys
Ethernet 2: Realtek PCIe GbE Family Controller #2 -> rt640x64.sys
HotspotShield Network Adapter: HotspotShield TAP-Windows Adapter V9 -> hsstap.sys
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A4C619A52FD641FDF622FAB8D686879D"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1357561984-4161033644-3417195034-1001\...\StartupApproved\Run: => "EPSDNMON"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{9FC518C8-E636-4E9A-B451-23361BB45443}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{AD439D60-7660-4378-838C-F997DAACF74E}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{8BFB03A1-CF34-49CA-BD11-FCC78F769B2D}] => (Allow) C:\Users\Paul\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{5B45D9EF-AC52-42EF-8A6F-6A67A2B7B886}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{0EF0A148-B0E0-46C7-A8A7-4C7B994F6D23}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{9126DA9E-467D-4824-AA62-72627051AF52}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{EFA319F7-5FDC-45BC-8FBC-5A01AD87F572}] => (Allow) C:\Users\Paul\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{357E694A-3CBC-4F7A-A7D8-CD54FEAD7EC1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{6A7D9EA9-DB71-4A9E-988F-69D0C9EE6E30}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{96E19EED-738F-4A11-9F0D-43EC5328452C}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5CF4FD41-C92E-4A80-A627-8E812AC2332D}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BD4939EE-0B58-4ED9-B7E0-8C3A193CE12D}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8F3172D0-188D-4490-9714-93664B93608C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FA636920-DA7D-48E5-A433-7BA7F7818D47}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{448A28A9-0545-46E8-B5F7-91B4E0BDD644}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8B6247D9-726C-4141-A726-840CB9B7423B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{52A40D29-B39E-4E53-8BF4-565B97B84950}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DC61B80B-CDDE-4724-8555-6A053FFA363B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E00ED792-E39F-4489-9220-74C187E30D89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6A467FFD-1898-4482-B666-5AABA2DB05B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C2D73D66-1042-4618-8EC3-6D4850C4C33D}] => (Allow) C:\Program Files\FTMO MetaTrader 5\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{A80BBA97-DA58-47E9-842F-1E046129D27F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{962C267A-05B5-48EE-B1BB-2633412CF18B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AADEE35-7335-41C6-BC2D-F74A2B1EA599}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12DD8E3E-6D76-4648-9775-3445AC1C255C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52E70027-CFEA-46FE-9A89-A9A05C5BEA36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32508CEB-D9FF-4597-A1D7-5FABB89A31B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
18-12-2024 19:43:02 Scheduled Checkpoint
27-12-2024 06:05:09 Scheduled Checkpoint
05-01-2025 09:00:22 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (01/06/2025 07:15:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {8018F647-BF07-55BB-82BE-A2D7049F7CE4} did not register with DCOM within the required timeout.
 
Error: (01/06/2025 07:15:54 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Secure Boot is not enabled on this machine.). For more information, please see https://go.microsoft...?linkid=2169931
 
 
CodeIntegrity:
===============
Date: 2025-01-06 07:16:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267085317237112912\antimalware_provider64.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 2.B0 11/30/2020
Motherboard: Micro-Star International Co., Ltd. B450M MORTAR MAX (MS-7B89)
Processor: AMD Ryzen 5 1600 Six-Core Processor 
Percentage of memory in use: 48%
Total physical RAM: 8117.74 MB
Available physical RAM: 4170.95 MB
Total Virtual: 11317.74 MB
Available Virtual: 6432.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.46 GB) (Free:69.59 GB) (Model: WDC WDS240G2G0B-00EPW0) NTFS
 
\\?\Volume{5883be86-da96-4d54-9bc9-5fe116bd42c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 5E539B50)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#4
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
BTW - after I had posted the scan results I tried to shut down the PC. Once again it showed a blue screen warning that there was an application still running, but it flashed up too quickly for me to see which application. The PC then restarted again.
As I had to leave for work I then tried the shutdown again, but this time I was ready, I was recording a video of my monitor so I could see what the application was as detailed on the blue screen.
So sod's law came into play, of course, and the blue screen warning about the application did not come up this time and the PC shut down as normal.
I hope this information helps.
Kind regards
Paul
  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

Search for

msconfig

hit Enter.

 

Click the circle in front of Diagnostic Startup

Hit OK.

 

Restart.

 

Once it restarts, try shutting it down and restarting it a few times.  Does it still restart instead of shutting down?

 

If not then go back into msconfig and click on the Normal Startup circle and then Apply.  Click on the Services tab and then check the box for Hide all Microsoft services

Now uncheck all remaining services.  Apply

Click on Startup tab.  Open Task Manager

Go down the list and if the entry is Enabled click on it and then Disable.

 

Close all programs and restart.

 

Now Shutdown and see if it shuts down correctly.  If so then one of the items that we unchecked or disabled is at fault.

 

Go back into msconfig and recheck all of the Services.  Apply OK and reboot.

 

Tyr the shutdown now.  If it still works OK then the services are not at fault.  Try enabling about 1/2 of the startup items. and repeat.  Remember ithe changes don't take effect until after the restart.

 

You might also want to try ESET's free online scan.  Takes a while but can catch stuff we can't see.

 

https://www.eset.com...online-scanner/

 

Click on One Time Scan then go to your downloads once the download finishes and right click on the file and Run as Admin.  Follow the instructions.  You may want to turn off Bit Defender while this runs.  Will be faster that way.


  • 0

#6
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Hi

 

Just a quick up date.  I'm sorry, but I couldn't carry out all of your instructions last night due to work and time restraints.  However, I did manage to run the online scanner you recommended and it came up with nothing.

 

As for the rest, I'll have another go tonight, but I fear getting my head around it and carrying it out may take a while.  I'm old and, according to my children, I shouldn't be allowed near a Pc let alone out on the web without teenage supervision.  As there aren't any millennials around, I'm afraid you've just got me.

 

Anyway, if the worst comes to the worst, I've got a couple of days off work at the end of the week.  So if I haven't sorted it by then, I'll have more time on Thursday and 'Friday.

 

Meanwhile, thank you very much for your help and I'll get back to you as soon as I can.

 

Kind regard

Paul


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

No hurry.  I'm 78 if that helps.


  • 0

#8
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
 
Ok, I'm back at it today.
 
Initially I'm running ESET again; this time without Bitdefender running.  I recall you saying that it by turning off Bitdefender it would make the scan faster, but as I couldn't find an easy way to turn it off, I didn't.  Now with more time I've Googled it and am starting from scratch.
 
Wow, yes it is faster without Bitdefender getting in the way, but still nothing found.
 
I've gone into msconfig and restarted with the 'Diagnostic Startup' button checked and the Pc started up again rather than closing down.
 
The second shutdown - Pc started up again rather than closing down.
The third shutdown - same result, but a blue screen saying that Windows hasn't loaded correctly and offering me Advanced Repair options or to Restart the Pc.  I did the latter.
The fourth shutdown - Pc started up again rather than closing down.
The fifth shutdown - same result, but a blue screen saying that Windows hasn't loaded correctly and offering me Advanced Repair options or to Restart the Pc.  I did the latter.
 
As an aside, after carrying out the above, I noted that the System configuration had switched back to 'Selective Startup' from 'Diagnostic Startup'.  So I restarted the Pc 3 more times each time going back into System Configuration and re-clicking in the 'Diagnostic Startup' circle.
 
The Pc restarted on all of the 3 shutdowns.
 
As nothing is ever easy, after all this I decided I needed a coffee and came back to blank screens, but with the Pc still humming away.  Nothing I tried until got it back up gain until I turned off the power and then powered it back up again.  Now everything seems normal.  FYI - this hasn't happened before.
 
Ok, on we go.
 
I've just unchecked all the Services and clicked Apply and the Bitdefender ticks appeared back in the boxes and I also note that the Services box says that Bitdefender is still running, but I've turned defender off.  I've now tried the 'Disable All' (they disappeared) and 'Apply' (they reappeared).  Should I uninstall Bitdefender?
 
At this juncture I think it best if I stop proceeding and await your comments as I don't want to carry on with the Bitdefender boxes checked without knowing the consequences.
 
I do hope you're one of these people who likes a challenge.  Sorry - if you're not!
 
I look forward to your reply.
 
Kind regards
Paul

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

OK If the diagnostic start also restarts then it is not some software program causing the problem but something in Windows itself.

 

Some PCs have a Fast Startup option in Setup.  See if yours does:

 

Settings, System, Power & Sleep then on the right select Additional Power Settings.

 

Click on Choose what the Power Buttons Do

 

Change Settings that are currently unavailable.

 

Then look at the bottom where it says Shutdown Settings.  and see if you have

'Turn on fast startup'

If so uncheck it

and Save Changes.

 

 

Another possibility is a BIOS setting.  What make and model PC is this?  I'll do some research and see if your PC has any sleep options in the BIOS.

 

There have also been reports of outdated BIOS software causing this problem so I will also try and find the latest update for your BIOS.


  • 0

#10
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Ok, I did as you said and then turned the Pc off and on 3 times.  Each time it closed down as it should.
 
As for the make and model of the Pc.  I'm afraid it's an 'Elliott Special'.  My son built it for me for my birthday and so I guess it's a mishmash of lots of things.  
 
As for the bits on the BIOS, well you have me there.  
 
There best I can think to do regarding the details of the innards is to send you a report by Speccy.  I hope that helps or if there's anything else I can run to tell you what you need, let me know and I'll sort it.
 
Kind regards
Paul
 
Summary
Operating System
Windows 10 Pro 64-bit
CPU
AMD Ryzen 5 23 °C
Pinnacle Ridge 12nm Technology
RAM
8.00GB Dual-Channel DDR4 @ 1199MHz (17-17-17-39)
Motherboard
Micro-Star International Co. Ltd. B450M MORTAR MAX (MS-7B89) (AM4) 24 °C
Graphics
2070W (1920x1080@60Hz)
2070W (1920x1080@60Hz)
2047MB NVIDIA GeForce GTX 1050 (ASUStek Computer Inc) 21 °C
Storage
223GB Western Digital WDC WDS240G2G0B-00EPW0 (SATA (SSD)) 23 °C
Optical Drives
No optical disk drives detected
Audio
NVIDIA High Definition Audio
Operating System
Windows 10 Pro 64-bit
Computer type: Desktop
Installation Date: 11/11/2021 20:27:08
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Disabled
Antivirus
Bitdefender Antivirus
Antivirus Enabled
Virus Signature Database Up to date
Windows Defender
Antivirus Disabled
Virus Signature Database Up to date
.NET Frameworks installed
v4.8 Full
v4.8 Client
Internet Explorer
Version 11.3636.19041.0
PowerShell
Version 5.1.19041.1
Environment Variables
USERPROFILE C:\Users\Paul
SystemRoot C:\Windows
User Variables
OneDrive C:\Users\Paul\OneDrive
OneDriveConsumer C:\Users\Paul\OneDrive
Path C:\Users\Paul\AppData\Local\Microsoft\WindowsApps
C:\Program Files\Intel\WiFi\bin\
C:\Program Files\Common Files\Intel\WirelessCommon\
TEMP C:\Users\Paul\AppData\Local\Temp
TMP C:\Users\Paul\AppData\Local\Temp
Machine Variables
__PSLockDownPolicy 0
ComSpec C:\Windows\system32\cmd.exe
DriverData C:\Windows\System32\Drivers\DriverData
NUMBER_OF_PROCESSORS 12
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
C:\Windows\System32\WindowsPowerShell\v1.0\
C:\Windows\System32\OpenSSH\
C:\Program Files\Intel\WiFi\bin\
C:\Program Files\Common Files\Intel\WirelessCommon\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER AMD64 Family 23 Model 8 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL 23
PROCESSOR_REVISION 0802
PSModulePath %ProgramFiles%\WindowsPowerShell\Modules
C:\Windows\system32\WindowsPowerShell\v1.0\Modules
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
Power Profile
Active power scheme Balanced
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) 20 min
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 10/01/2025 07:58:16
Current Uptime 876 sec (0 d, 00 h, 14 m, 36 s)
Last Boot Time 10/01/2025 07:43:40
Services
Running Application Information
Running AppX Deployment Service (AppXSVC)
Running AVCTP service
Running Background Tasks Infrastructure Service
Running Base Filtering Engine
Running Bitdefender App Service
Running Bitdefender Auxiliary Service
Running Bitdefender Desktop Update Service
Running Bitdefender Protected Service
Running Bitdefender RedLine Service
Running Bitdefender Safepay Service
Running Bitdefender Virus Shield
Running Bluetooth Audio Gateway Service
Running Bluetooth Support Service
Running Capability Access Manager Service
Running Clipboard User Service_79b62
Running CNG Key Isolation
Running COM+ Event System
Running Connected Devices Platform Service
Running Connected Devices Platform User Service_79b62
Running Connected User Experiences and Telemetry
Running Contact Data_79b62
Running CoreMessaging
Running Credential Manager
Running Cryptographic Services
Running Data Usage
Running DCOM Server Process Launcher
Running Device Association Service
Running Device Setup Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Display Policy Service
Running Distributed Link Tracking Client
Running DNS Client
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Geolocation Service
Running Group Policy Client
Running Human Interface Device Service
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running Local Session Manager
Running Microsoft Account Sign-in Assistant
Running Network Connected Devices Auto-Setup
Running Network Connection Broker
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Networking Identity Manager
Running Phone Service
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Radio Management Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running State Repository Service
Running Storage Service
Running Sync Host_79b62
Running SysMain
Running System Event Notification Service
Running System Events Broker
Running System Guard Runtime Monitor Broker
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running Time Broker
Running Touch Keyboard and Handwriting Panel Service
Running Update Orchestrator Service
Running User Data Access_79b62
Running User Data Storage_79b62
Running User Manager
Running User Profile Service
Running Web Account Manager
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connection Manager
Running Windows Defender Firewall
Running Windows Event Log
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows License Manager Service
Running Windows Management Instrumentation
Running Windows Push Notifications System Service
Running Windows Push Notifications User Service_79b62
Running Windows Search
Running Windows Security Service
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adobe Acrobat Update Service
Stopped Agent Activation Runtime_79b62
Stopped AllJoyn Router Service
Stopped App Readiness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped AssignedAccessManager Service
Stopped Auto Time Zone Updater
Stopped Background Intelligent Transfer Service
Stopped Bitdefender Agent RedLine Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth User Support Service_79b62
Stopped BranchCache
Stopped CaptureService_79b62
Stopped CCleaner Performance Optimizer Service
Stopped Cellular Time
Stopped Certificate Propagation
Stopped Client License Service (ClipSVC)
Stopped COM+ System Application
Stopped ConsentUX_79b62
Stopped CredentialEnrollmentManagerUserSvc_79b62
Stopped Data Sharing Service
Stopped Declared Configuration(DC) service
Stopped Delivery Optimization
Stopped Device Install Service
Stopped Device Management Enrollment Service
Stopped Device Management Wireless Application Protocol (WAP) Push message Routing Service
Stopped DeviceAssociationBroker_79b62
Stopped DevicePicker_79b62
Stopped DevicesFlow_79b62
Stopped DevQuery Background Discovery Broker
Stopped Diagnostic Execution Service
Stopped DialogBlockingService
Stopped Display Enhancement Service
Stopped Distributed Transaction Coordinator
Stopped Downloaded Maps Manager
Stopped Embedded Mode
Stopped Encrypting File System (EFS)
Stopped Enterprise App Management Service
Stopped Epson Scanner Service
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped File History Service
Stopped GameDVR and Broadcast User Service_79b62
Stopped GameInput Service
Stopped Google Chrome Elevation Service (GoogleChromeElevationService)
Stopped Google updater internal service (GoogleUpdaterInternalService132.0.6833.0)
Stopped Google updater service (GoogleUpdaterService132.0.6833.0)
Stopped GraphicsPerfSvc
Stopped Hotspot Shield Service 12.9.6
Stopped HV Host Service
Stopped Hyper-V Data Exchange Service
Stopped Hyper-V Guest Service Interface
Stopped Hyper-V Guest Shutdown Service
Stopped Hyper-V Heartbeat Service
Stopped Hyper-V PowerShell Direct Service
Stopped Hyper-V Remote Desktop Virtualization Service
Stopped Hyper-V Time Synchronization Service
Stopped Hyper-V Volume Shadow Copy Requestor
Stopped Intel PROSet/Wireless Event Log
Stopped Intel PROSet/Wireless Registry Service
Stopped Intel PROSet/Wireless Zero Configuration Service
Stopped Internet Connection Sharing (ICS)
Stopped IP Translation Configuration Service
Stopped IPsec Policy Agent
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Language Experience Service
Stopped Link-Layer Topology Discovery Mapper
Stopped Local Profile Assistant Service
Stopped McAfee WebAdvisor
Stopped McpManagementService
Stopped MessagingService_79b62
Stopped Microsoft Diagnostics Hub Standard Collector Service
Stopped Microsoft App-V Client
Stopped Microsoft Cloud Identity Service
Stopped Microsoft Defender Antivirus Network Inspection Service
Stopped Microsoft Defender Antivirus Service
Stopped Microsoft Edge Elevation Service (MicrosoftEdgeElevationService)
Stopped Microsoft Edge Update Service (edgeupdate)
Stopped Microsoft Edge Update Service (edgeupdatem)
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Keyboard Filter
Stopped Microsoft Passport
Stopped Microsoft Passport Container
Stopped Microsoft Software Shadow Copy Provider
Stopped Microsoft Storage Spaces SMP
Stopped Microsoft Store Install Service
Stopped Microsoft Update Health Service
Stopped Microsoft Windows SMS Router Service.
Stopped MyEpson Portal Service
Stopped Natural Authentication
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Connections
Stopped Network Connectivity Assistant
Stopped Network Setup Service
Stopped NVIDIA Display Container LS
Stopped Offline Files
Stopped OpenSSH Authentication Agent
Stopped Optimise drives
Stopped Parental Controls
Stopped Payments and NFC/SE Manager
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Printer Extensions and Notifications
Stopped PrintWorkflow_79b62
Stopped Problem Reports Control Panel Support
Stopped ProductAgentService
Stopped Quality Windows Audio Video Experience
Stopped Recommended Troubleshooting Service
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Retail Demo Service
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Sensor Data Service
Stopped Sensor Monitoring Service
Stopped Sensor Service
Stopped Shared PC Account Manager
Stopped Smart Card
Stopped Smart Card Device Enumeration Service
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped Spatial Data Service
Stopped Spot Verifier
Stopped Still Image Acquisition Events
Stopped Storage Tiers Management
Stopped Udk User Service_79b62
Stopped UPnP Device Host
Stopped User Experience Virtualization Service
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Volumetric Audio Compositor Service
Stopped WalletService
Stopped WarpJITSvc
Stopped WebClient
Stopped Wi-Fi Direct Services Connection Manager Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows Camera Frame Server
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender Advanced Threat Protection Service
Stopped Windows Encryption Provider Host Service
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Insider Service
Stopped Windows Installer
Stopped Windows Management Service
Stopped Windows Media Player Network Sharing Service
Stopped Windows Mixed Reality OpenXR Service
Stopped Windows Mobile Hotspot Service
Stopped Windows Modules Installer
Stopped Windows Perception Service
Stopped Windows Perception Simulation Service
Stopped Windows PushToInstall Service
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped Windows Update Medic Service
Stopped Wired AutoConfig
Stopped Wireless PAN DHCP Server
Stopped WMI Performance Adapter
Stopped Work Folders
Stopped WWAN AutoConfig
Stopped Xbox Accessory Management Service
Stopped Xbox Live Auth Manager
Stopped Xbox Live Game Save
Stopped Xbox Live Networking Service
Stopped Zoom Sharing Service
TimeZone
TimeZone GMT
Language English (United Kingdom)
Location United Kingdom
Format English (United Kingdom)
Currency £
Date Format dd/MM/yyyy
Time Format HH:mm:ss
Scheduler
10/01/2025 08:00; MicrosoftEdgeUpdateTaskMachineUA
10/01/2025 08:42; CCleanerCrashReporting
10/01/2025 19:30; MicrosoftEdgeUpdateTaskMachineCore
11/01/2025 06:00; Adobe Acrobat Update Task
11/01/2025 06:28; OneDrive Standalone Update Task-S-1-5-21-1357561984-4161033644-3417195034-1001
11/01/2025 07:37; OneDrive Reporting Task-S-1-5-21-1357561984-4161033644-3417195034-1001
Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
CCleanerSkipUAC - Paul
Hotfixes
Installed
11/12/2024  2024-12 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5048652)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
02/12/2024  2024-11 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5048292)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
17/11/2024  9NH2SW16MQ7F-Microsoft.WindowsAppRuntime.1.5
9NH2SW16MQ7F-1152921505698532814
17/11/2024  9N8MHTPHNGVV-Microsoft.Windows.DevHome
9N8MHTPHNGVV-1152921505698356525
17/11/2024  2024-11 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5046613)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
17/11/2024  2024-11 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5048239)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
17/11/2024  Windows Malicious Software Removal Tool x64 - v5.130 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
31/10/2024  2024-10 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5045991)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/10/2024  2024-10 Update for Windows 10 Version 22H2 for x64-based Systems (KB5001716)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/10/2024  2024-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5044273)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/10/2024  2024-10 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5046400)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/10/2024  2024-10 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5044091)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/10/2024  Windows Malicious Software Removal Tool x64 - v5.129 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
03/10/2024  Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
13/09/2024  2024-09 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5043064)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/09/2024  Windows Malicious Software Removal Tool x64 - v5.128 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
14/08/2024  2024-08 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5041580)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/08/2024  2024-08 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5042352)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/08/2024  Windows Malicious Software Removal Tool x64 - v5.127 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
26/07/2024  2024-07 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5041355)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/07/2024  2024-07 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5040427)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/07/2024  2024-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5041019)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/07/2024  Windows Malicious Software Removal Tool x64 - v5.126 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
07/07/2024  2024-06 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5040370)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/06/2024  2024-06 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/06/2024  Windows Malicious Software Removal Tool x64 - v5.125 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
14/05/2024  2024-05 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5037768)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/05/2024  2024-05 Update for Windows 10 Version 22H2 for x64-based Systems (KB5001716)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/05/2024  Windows Malicious Software Removal Tool x64 - v5.124 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
06/05/2024  2024-04 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5037724)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
09/04/2024  2024-04 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5036892)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
09/04/2024  2024-04 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5037036)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/04/2024  Windows Malicious Software Removal Tool x64 - v5.123 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
29/03/2024  2024-03 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5036580)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/03/2024  2024-03 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5035845)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/03/2024  Windows Malicious Software Removal Tool x64 - v5.122 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
08/03/2024  2024-03 Update for Windows 10 Version 22H2 for x64-based Systems (KB5001716)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/02/2024  2024-02 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5034763)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/02/2024  2024-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5034685)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/02/2024  Windows Malicious Software Removal Tool x64 - v5.121 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
27/01/2024  SAMSUNG Electronics Co., Ltd.  - Modem - 2.19.1.0
SAMSUNG Electronics Co., Ltd. Modem driver update released in
September 2022
27/01/2024  SAMSUNG Electronics Co., Ltd. - USB - 2.19.1.0
SAMSUNG Electronics Co., Ltd. USB driver update released in September
2022
27/01/2024  SAMSUNG Electronics Co., Ltd.  - USB - 2.19.1.0
SAMSUNG Electronics Co., Ltd. USB driver update released in September
2022
11/01/2024  2024-01 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5034122)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/01/2024  2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/01/2024  2024-01 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5034275)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/01/2024  Windows Malicious Software Removal Tool x64 - v5.120 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
14/12/2023  2023-12 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5033372)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/11/2023  2023-11 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5032189)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/11/2023  2023-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5032339)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
15/11/2023  Windows Malicious Software Removal Tool x64 - v5.119 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
27/10/2023  2023-10 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5031904)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/10/2023  2023-10 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5031356)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/10/2023  2023-10 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5031224)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/10/2023  Windows Malicious Software Removal Tool x64 - v5.118 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
05/10/2023  2023-10 Update for Windows 10 Version 22H2 for x64-based Systems (KB5001716)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/09/2023  2023-09 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5030211)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/09/2023  2023-09 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5030180)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/09/2023  Windows Malicious Software Removal Tool x64 - v5.117 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/08/2023  NVIDIA - Display - 31.0.15.3623
NVIDIA Display driver update released in June 2023
09/08/2023  2023-08 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5029244)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
09/08/2023  2023-08 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5029649)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
09/08/2023  Windows Malicious Software Removal Tool x64 - v5.116 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/07/2023  2023-07 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5028166)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/07/2023  2023-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5028937)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/07/2023  Windows Malicious Software Removal Tool x64 - v5.115 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
04/07/2023  NVIDIA - Display - 31.0.15.3179
NVIDIA Display driver update released in April 2023
01/07/2023  2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5027538)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
30/06/2023  Microsoft .NET Framework 4.8.1 for Windows 10 Version 22H2 for x64 (KB5011048)
The Microsoft .NET Framework 4.8.1 is a highly compatible, in-place
update for all the previous versions of .NET Framework 4.X. After
you install this update, you may have to restart your computer.
14/06/2023  2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5027538)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/06/2023  2023-06 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5027215)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/06/2023  Windows Malicious Software Removal Tool x64 - v5.114 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
26/05/2023  2023-05 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5026958)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/05/2023  2023-05 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5026361)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/05/2023  Windows Malicious Software Removal Tool x64 - v5.113 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
04/05/2023  2023-04 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5025367)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/04/2023  2023-04 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5025221)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/04/2023  Windows Malicious Software Removal Tool x64 - v5.112 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
17/03/2023  2023-03 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5023696)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
17/03/2023  Windows Malicious Software Removal Tool x64 - v5.111 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
16/02/2023  2023-02 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5022834)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer
16/02/2023  2023-02 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5022729)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
16/02/2023  Windows Malicious Software Removal Tool x64 - v5.110 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
21/01/2023  2023-01 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5022478)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
19/01/2023  Feature update to Windows 10, version 22H2
Install the latest update for Windows 10: Windows 10, version
22H2.
18/01/2023  NVIDIA - Display - 31.0.15.1694
NVIDIA Display driver update released in July 2022
18/01/2023  Windows Malicious Software Removal Tool x64 - v5.109 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
18/01/2023  2022-12 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H1 for x64 (KB5021087)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/01/2023  2022-11 Update for Windows 10 Version 21H1 for x64-based Systems (KB5001716)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/10/2022  2022-10 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5018410)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/10/2022  2022-10 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H1 for x64 (KB5018544)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/10/2022  Windows Malicious Software Removal Tool x64 - v5.106 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
14/09/2022  2022-09 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5017308)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
14/09/2022  2022-09 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H1 for x64 (KB5017499)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/09/2022  Windows Malicious Software Removal Tool x64 - v5.105 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/08/2022  2022-08 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5016616)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/08/2022  2022-08 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5015730)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/08/2022  2022-08 Security Update for Windows 10 Version 21H1 for x64-based Systems (KB5012170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/08/2022  Windows Malicious Software Removal Tool x64 - v5.104 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
06/08/2022  9NF8H0H7WMLT-NVIDIACorp.NVIDIAControlPanel
9NF8H0H7WMLT-1152921505694391063
06/08/2022  NVIDIA - Display - 30.0.15.1215
NVIDIA Display driver update released in March 2022
13/07/2022  2022-07 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5015807)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/07/2022  Windows Malicious Software Removal Tool x64 - v5.103 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/06/2022  2022-06 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5014699)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/06/2022  Windows Malicious Software Removal Tool x64 - v5.102 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
05/06/2022  2022-05 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5013887)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/05/2022  2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5013942)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/05/2022  2022-05 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5013624)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/05/2022  Windows Malicious Software Removal Tool x64 - v5.101 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
06/05/2022  Intel - net - 19.51.40.1
Intel net driver update released in February 2022
22/04/2022  2022-04 Update for Windows 10 Version 21H1 for x64-based Systems (KB5005463)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/04/2022  2022-04 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5012599)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
13/04/2022  2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5012117)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
13/04/2022  Windows Malicious Software Removal Tool x64 - v5.100 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
05/04/2022  Intel Corporation - Bluetooth - 20.100.10.7
Intel Corporation Bluetooth driver update released in December
2021
29/03/2022  Realtek - Net - 10.54.1111.2021
Realtek Net driver update released in November 2021
09/03/2022  2022-03 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5011487)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
09/03/2022  Windows Malicious Software Removal Tool x64 - v5.99 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
17/02/2022  2022-02 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5010472)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/02/2022  2022-02 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5010342)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/02/2022  Windows Malicious Software Removal Tool x64 - v5.98 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/02/2022  2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5009467)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
28/01/2022  Intel Corporation - Bluetooth - 20.100.10.6
Intel Corporation Bluetooth driver update released in October
2021
12/01/2022  2022-01 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5009543)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/01/2022  2022-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5008876)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/01/2022  Windows Malicious Software Removal Tool x64 - v5.97 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
18/12/2021  NVIDIA - Display - 27.21.14.5671
NVIDIA Display driver update released in September 2020
15/12/2021  2021-12 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5008212)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
15/12/2021  Windows Malicious Software Removal Tool x64 - v5.96 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
22/11/2021  2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1 for x64 (KB5006365)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
19/11/2021  EPSON - Printer - 4/22/2009 12:00:00 AM - 10.0.17119.1
EPSON Printer driver update released in April 2009
19/11/2021  Epson - Image - 6/22/2006 12:00:00 AM - 10.0.17119.1
Epson Image driver update released in June 2006
19/11/2021  2021-11 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5007186)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
19/11/2021  Advanced Micro Devices, Inc - System - 2.2.0.130
Advanced Micro Devices, Inc System driver update released in
March 2020
18/11/2021  2021-11 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5007186)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
18/11/2021  2021-09 Update for Windows 10 Version 21H1 for x64-based Systems (KB4023057)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/11/2021  Windows Malicious Software Removal Tool x64 - v5.95 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
18/11/2021  2021-10 Update for Windows 10 Version 21H1 for x64-based Systems (KB5005463)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/11/2021  Intel Corporation - Bluetooth - 20.100.9.2
Intel Corporation Bluetooth driver update released in May 2021
11/11/2021  Advanced Micro Devices Inc. - SecurityDevices - 6/2/2017 12:00:00 AM - 4.4.0.0
Advanced Micro Devices Inc. SecurityDevices driver update released
in June 2017
11/11/2021  Advanced Micro Devices, Inc. - System - 2.0.1.0
Advanced Micro Devices, Inc. System driver update released in
March 2020
11/11/2021  Advanced Micro Devices, Inc - System - 5.12.0.38
Advanced Micro Devices, Inc System driver update released in
March 2020
11/11/2021  NVIDIA - Display - 10/27/2017 12:00:00 AM - 23.21.13.8813
NVIDIA Display driver update released in October 2017
11/11/2021  Advanced Micro Devices - System - 1.0.0.83
Advanced Micro Devices System driver update released in May 2021
Not Installed
26/11/2024  2024-11 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5048292)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
03/10/2024  2024-09 Cumulative Update Preview for Windows 10 Version 22H2 for x64-based Systems (KB5043131)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/11/2023  2023-10 Update for Windows 10 Version 22H2 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
28/09/2023  9NBLGGH4NNS1-Microsoft.DesktopAppInstaller
Installation Status Failed
9NBLGGH4NNS1-1152921505696828149
28/09/2023  9NMPJ99VJBWV-Microsoft.YourPhone
Installation Status Failed
9NMPJ99VJBWV-1152921505696823071
28/09/2023  9WZDNCRFJ364-MICROSOFT.SKYPEAPP
Installation Status Failed
9WZDNCRFJ364-1152921505696821593
06/09/2023  2023-08 Update for Windows 10 Version 22H2 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
14/06/2023  2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5027538)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
03/05/2023  2023-04 Update for Windows 10 Version 22H2 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
27/01/2023  2023-01 Update for Windows 10 Version 22H2 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
20/01/2023  2022-10 Update for Windows 10 Version 22H2 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
06/04/2022  2022-04 Update for Windows 10 Version 21H1 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/03/2022  2022-03 Update for Windows 10 Version 21H1 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
18/02/2022  2022-01 Update for Windows 10 Version 21H1 for x64-based Systems (KB4023057)
Installation Status In Progress
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
System Folders
Application Data C:\ProgramData
Cookies C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCookies
Desktop C:\Users\Paul\Desktop
Documents C:\Users\Public\Documents
Fonts C:\Windows\Fonts
Global Favorites C:\Users\Paul\Favorites
Internet History C:\Users\Paul\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\Paul\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\Paul\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\Paul\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache
User Favorites C:\Users\Paul\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Process List
AggregatorHost.exe
Process ID 8552
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\AggregatorHost.exe
Memory Usage 4.85 MB
Peak Memory Usage 5.12 MB
ApplicationFrameHost.exe
Process ID 3168
User Paul
Domain PC
Path C:\Windows\System32\ApplicationFrameHost.exe
Memory Usage 28 MB
Peak Memory Usage 30 MB
bdagent.exe
Process ID 11552
User Paul
Domain PC
Path C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
Memory Usage 47 MB
Peak Memory Usage 64 MB
bdntwrk.exe
Process ID 6608
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
Memory Usage 19 MB
Peak Memory Usage 21 MB
bdredline.exe
Process ID 7796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
bdservicehost.exe
Process ID 2044
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
Memory Usage 25 MB
Peak Memory Usage 45 MB
bdservicehost.exe
Process ID 2036
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
Memory Usage 617 MB
Peak Memory Usage 966 MB
bdservicehost.exe
Process ID 5208
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
Memory Usage 33 MB
Peak Memory Usage 34 MB
bdservicehost.exe
Process ID 2840
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
Memory Usage 38 MB
Peak Memory Usage 41 MB
bdservicehost.exe
Process ID 2876
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
Memory Usage 57 MB
Peak Memory Usage 61 MB
bduserhost.exe
Process ID 9696
User Paul
Domain PC
Path C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
bduserhost.exe
Process ID 3028
User Paul
Domain PC
Path C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
CCleaner64.exe
Process ID 12340
User Paul
Domain PC
Path C:\Program Files\CCleaner\CCleaner64.exe
Memory Usage 35 MB
Peak Memory Usage 63 MB
csrss.exe
Process ID 1012
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 5.71 MB
Peak Memory Usage 5.80 MB
csrss.exe
Process ID 1060
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 5.40 MB
Peak Memory Usage 13 MB
ctfmon.exe
Process ID 7644
User Paul
Domain PC
Path C:\Windows\System32\ctfmon.exe
Memory Usage 20 MB
Peak Memory Usage 20 MB
dasHost.exe
Process ID 2632
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\dasHost.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
dllhost.exe
Process ID 2356
User Paul
Domain PC
Path C:\Windows\System32\dllhost.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
dwm.exe
Process ID 1936
User DWM-1
Domain Window Manager
Path C:\Windows\System32\dwm.exe
Memory Usage 69 MB
Peak Memory Usage 94 MB
EPPCCMON.EXE
Process ID 12256
User Paul
Domain PC
Path C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
Memory Usage 9.02 MB
Peak Memory Usage 9.25 MB
explorer.exe
Process ID 7924
User Paul
Domain PC
Path C:\Windows\explorer.exe
Memory Usage 179 MB
Peak Memory Usage 203 MB
fontdrvhost.exe
Process ID 1304
User UMFD-0
Domain Font Driver Host
Path C:\Windows\System32\fontdrvhost.exe
Memory Usage 4.21 MB
Peak Memory Usage 4.25 MB
fontdrvhost.exe
Process ID 1432
User UMFD-1
Domain Font Driver Host
Path C:\Windows\System32\fontdrvhost.exe
Memory Usage 5.70 MB
Peak Memory Usage 5.70 MB
LockApp.exe
Process ID 11920
User Paul
Domain PC
Path C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Memory Usage 69 MB
Peak Memory Usage 74 MB
lsass.exe
Process ID 1152
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\lsass.exe
Memory Usage 21 MB
Peak Memory Usage 22 MB
Memory Compression
Process ID 3360
User SYSTEM
Domain NT AUTHORITY
Memory Usage 54 MB
Peak Memory Usage 159 MB
msedgewebview2.exe
Process ID 1180
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 34 MB
Peak Memory Usage 35 MB
msedgewebview2.exe
Process ID 7124
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 100 MB
Peak Memory Usage 103 MB
msedgewebview2.exe
Process ID 10448
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 7.38 MB
Peak Memory Usage 7.38 MB
msedgewebview2.exe
Process ID 2380
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 76 MB
Peak Memory Usage 86 MB
msedgewebview2.exe
Process ID 8408
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 19 MB
Peak Memory Usage 21 MB
msedgewebview2.exe
Process ID 4420
User Paul
Domain PC
Path C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
Memory Usage 82 MB
Peak Memory Usage 100 MB
PhoneExperienceHost.exe
Process ID 12012
User Paul
Domain PC
Path C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Memory Usage 147 MB
Peak Memory Usage 148 MB
Registry
Process ID 148
User SYSTEM
Domain NT AUTHORITY
Memory Usage 83 MB
Peak Memory Usage 92 MB
RuntimeBroker.exe
Process ID 12112
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 34 MB
Peak Memory Usage 43 MB
RuntimeBroker.exe
Process ID 10568
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 46 MB
Peak Memory Usage 46 MB
RuntimeBroker.exe
Process ID 9972
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 25 MB
Peak Memory Usage 28 MB
RuntimeBroker.exe
Process ID 12084
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
RuntimeBroker.exe
Process ID 1788
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 23 MB
Peak Memory Usage 29 MB
RuntimeBroker.exe
Process ID 9352
User Paul
Domain PC
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 17 MB
Peak Memory Usage 18 MB
SearchApp.exe
Process ID 10384
User Paul
Domain PC
Path C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Memory Usage 256 MB
Peak Memory Usage 268 MB
SearchApp.exe
Process ID 8944
User Paul
Domain PC
Path C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Memory Usage 76 MB
Peak Memory Usage 76 MB
SearchIndexer.exe
Process ID 5900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchIndexer.exe
Memory Usage 30 MB
Peak Memory Usage 31 MB
SecurityHealthService.exe
Process ID 2004
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SecurityHealthService.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
services.exe
Process ID 1132
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\services.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
SgrmBroker.exe
Process ID 7908
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SgrmBroker.exe
Memory Usage 8.32 MB
Peak Memory Usage 9.39 MB
ShellExperienceHost.exe
Process ID 12776
User Paul
Domain PC
Path C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Memory Usage 61 MB
Peak Memory Usage 65 MB
sihost.exe
Process ID 1320
User Paul
Domain PC
Path C:\Windows\System32\sihost.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
smartscreen.exe
Process ID 14152
User Paul
Domain PC
Path C:\Windows\System32\smartscreen.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
smss.exe
Process ID 880
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\smss.exe
Memory Usage 1.16 MB
Peak Memory Usage 1.21 MB
Speccy64.exe
Process ID 13796
User Paul
Domain PC
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 37 MB
Peak Memory Usage 37 MB
splwow64.exe
Process ID 9012
User Paul
Domain PC
Path C:\Windows\splwow64.exe
Memory Usage 11 MB
Peak Memory Usage 14 MB
spoolsv.exe
Process ID 4888
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
StartMenuExperienceHost.exe
Process ID 8284
User Paul
Domain PC
Path C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Memory Usage 67 MB
Peak Memory Usage 80 MB
svchost.exe
Process ID 4036
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.34 MB
Peak Memory Usage 9.43 MB
svchost.exe
Process ID 4064
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 4148
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.43 MB
Peak Memory Usage 8.63 MB
svchost.exe
Process ID 4156
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 4164
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.12 MB
Peak Memory Usage 7.23 MB
svchost.exe
Process ID 4548
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 4556
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.95 MB
Peak Memory Usage 8.01 MB
svchost.exe
Process ID 4644
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 4760
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 4960
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 20 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 5024
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.43 MB
Peak Memory Usage 8.44 MB
svchost.exe
Process ID 5200
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 38 MB
Peak Memory Usage 72 MB
svchost.exe
Process ID 5216
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 5224
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.86 MB
Peak Memory Usage 5.95 MB
svchost.exe
Process ID 5232
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.29 MB
Peak Memory Usage 8.54 MB
svchost.exe
Process ID 5240
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 5248
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 94 MB
svchost.exe
Process ID 5256
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.77 MB
Peak Memory Usage 8.82 MB
svchost.exe
Process ID 5264
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.84 MB
Peak Memory Usage 7.96 MB
svchost.exe
Process ID 5400
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.91 MB
Peak Memory Usage 7.05 MB
svchost.exe
Process ID 2724
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.31 MB
Peak Memory Usage 6.37 MB
svchost.exe
Process ID 5812
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 5904
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 5092
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 7196
User Paul
Domain PC
Path C:\Windows\System32\svchost.exe
Memory Usage 31 MB
Peak Memory Usage 31 MB
svchost.exe
Process ID 7244
User Paul
Domain PC
Path C:\Windows\System32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 36 MB
svchost.exe
Process ID 7548
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.13 MB
Peak Memory Usage 8.32 MB
svchost.exe
Process ID 7680
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
svchost.exe
Process ID 8148
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 8296
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.74 MB
Peak Memory Usage 5.81 MB
svchost.exe
Process ID 8496
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.30 MB
Peak Memory Usage 7.37 MB
svchost.exe
Process ID 8504
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.60 MB
Peak Memory Usage 8.85 MB
svchost.exe
Process ID 8684
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 8928
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.79 MB
Peak Memory Usage 9.01 MB
svchost.exe
Process ID 9152
User Paul
Domain PC
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 9508
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 9688
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1692
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1276
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 27 MB
Peak Memory Usage 28 MB
svchost.exe
Process ID 9528
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 24 MB
Peak Memory Usage 25 MB
svchost.exe
Process ID 1472
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 1528
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.35 MB
Peak Memory Usage 8.47 MB
svchost.exe
Process ID 10652
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 1676
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 1684
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 1700
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1708
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.00 MB
Peak Memory Usage 9.21 MB
svchost.exe
Process ID 1836
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 20 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 1876
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.61 MB
Peak Memory Usage 6.71 MB
svchost.exe
Process ID 12432
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 12880
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.67 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1004
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.94 MB
Peak Memory Usage 8.95 MB
svchost.exe
Process ID 11100
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.73 MB
Peak Memory Usage 6.89 MB
svchost.exe
Process ID 3232
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 9968
User Paul
Domain PC
Path C:\Windows\System32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 22 MB
svchost.exe
Process ID 2084
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.84 MB
Peak Memory Usage 8.01 MB
svchost.exe
Process ID 2112
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 2160
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.27 MB
Peak Memory Usage 9.54 MB
svchost.exe
Process ID 2232
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 4900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 5524
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.79 MB
Peak Memory Usage 5.91 MB
svchost.exe
Process ID 2268
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 2300
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 2448
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 2552
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.71 MB
Peak Memory Usage 7.97 MB
svchost.exe
Process ID 2912
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 22 MB
svchost.exe
Process ID 3008
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.20 MB
Peak Memory Usage 7.46 MB
svchost.exe
Process ID 1932
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.82 MB
Peak Memory Usage 7.98 MB
svchost.exe
Process ID 3120
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.09 MB
Peak Memory Usage 6.15 MB
svchost.exe
Process ID 3128
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 11524
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 20 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 13468
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.80 MB
Peak Memory Usage 8.86 MB
svchost.exe
Process ID 3136
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.42 MB
Peak Memory Usage 8.65 MB
svchost.exe
Process ID 14164
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.53 MB
Peak Memory Usage 7.59 MB
svchost.exe
Process ID 3196
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.62 MB
Peak Memory Usage 8.96 MB
svchost.exe
Process ID 3204
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.90 MB
Peak Memory Usage 9.48 MB
svchost.exe
Process ID 3488
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.02 MB
Peak Memory Usage 8.22 MB
svchost.exe
Process ID 12132
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.66 MB
Peak Memory Usage 9.67 MB
svchost.exe
Process ID 3936
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.77 MB
Peak Memory Usage 8.82 MB
System
Process ID 4
Memory Usage 4.23 MB
Peak Memory Usage 7.97 MB
System Idle Process
Process ID 0
SystemSettings.exe
Process ID 3088
User Paul
Domain PC
Path C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Memory Usage 15 MB
Peak Memory Usage 120 MB
taskhostw.exe
Process ID 7656
User Paul
Domain PC
Path C:\Windows\System32\taskhostw.exe
Memory Usage 6.29 MB
Peak Memory Usage 14 MB
taskhostw.exe
Process ID 7280
User Paul
Domain PC
Path C:\Windows\System32\taskhostw.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
TextInputHost.exe
Process ID 6796
User Paul
Domain PC
Path C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
Memory Usage 53 MB
Peak Memory Usage 55 MB
unsecapp.exe
Process ID 12672
User Paul
Domain PC
Path C:\Windows\System32\wbem\unsecapp.exe
Memory Usage 8.50 MB
Peak Memory Usage 8.86 MB
updatesrv.exe
Process ID 5392
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
Memory Usage 19 MB
Peak Memory Usage 25 MB
UserOOBEBroker.exe
Process ID 12952
User Paul
Domain PC
Path C:\Windows\System32\oobe\UserOOBEBroker.exe
Memory Usage 9.70 MB
Peak Memory Usage 9.76 MB
WhatsApp.exe
Process ID 12440
User Paul
Domain PC
Path C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
Memory Usage 37 MB
Peak Memory Usage 101 MB
wininit.exe
Process ID 1052
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wininit.exe
Memory Usage 7.08 MB
Peak Memory Usage 7.26 MB
winlogon.exe
Process ID 1372
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\winlogon.exe
Memory Usage 12 MB
Peak Memory Usage 27 MB
WmiPrvSE.exe
Process ID 3824
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 9.77 MB
Peak Memory Usage 10 MB
WmiPrvSE.exe
Process ID 3956
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 23 MB
Peak Memory Usage 23 MB
wsccommunicator.exe
Process ID 6912
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
Memory Usage 19 MB
Peak Memory Usage 20 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Block Microsoft accounts Not Defined
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow computer account re-use during domain join Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: Allow vulnerable Netlogon secure channel connections Not Defined
Domain controller: LDAP server channel binding token requirements Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Don't display last signed-in Disabled
Interactive logon: Don't display username at sign-in Not Defined
Interactive logon: Machine account lockout threshold Not Defined
Interactive logon: Machine inactivity limit Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require Windows Hello for Business or smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Minimum password length audit Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Restrict clients allowed to make remote calls to SAM
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network security: Allow PKU2U authentication requests to this computer to use online identities.
 
Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Relax minimum password length limits Not Defined
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Not Defined
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fixed Feature Button
ACPI Power Button
AMD GPIO Controller
AMD GPIO Controller
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
AMD Ryzen 5 1600 Six-Core Processor
High precision event timer
Microsoft Windows Management Interface for ACPI
Microsoft Windows Management Interface for ACPI
Microsoft Windows Management Interface for ACPI
Motherboard resources
Motherboard resources
PCI Express Root Complex
AMD SMBus
Motherboard resources
Motherboard resources
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
System board
PCI-to-PCI Bridge
Standard SATA AHCI Controller
AMD USB 3.10 eXtensible Host Controller - 1.10 (Microsoft)
USB Root Hub (USB 3.0)
Intel® Wireless Bluetooth®
Bluetooth Device (Personal Area Network)
Bluetooth Device (RFCOMM Protocol TDI)
Microsoft Bluetooth LE Enumerator
Microsoft Bluetooth Enumerator
Bluetooth Peripheral Device
Bluetooth Peripheral Device
Bluetooth Peripheral Device
Bluetooth Peripheral Device
CDP Proximal Transport Service
Device Identification Service
GV-BT750
GV-BT750 Avrcp Transport
GV-BT750 Avrcp Transport
GV-BT750 Stereo
Headset Audio Gateway Service
IcService_New
LAPTOP-DH11VS26
LAPTOP-DH11VS26 A2DP SNK
LAPTOP-DH11VS26 Avrcp Transport
LAPTOP-DH11VS26 Avrcp Transport
LAPTOP-DH11VS26 Hands-Free HF
LAPTOP-DH11VS26 Stereo
Object Push Service
OPENEAR Septette
OPENEAR Septette Avrcp Transport
OPENEAR Septette Avrcp Transport
OPENEAR Septette Stereo
Paul's Galaxy S9+
Paul's Galaxy S9+ A2DP SNK
Paul's Galaxy S9+ Avrcp Transport
Paul's Galaxy S9+ Avrcp Transport
Personal Area Network NAP Service
Personal Area Network Service
Personal Area Network Service
Phonebook Access Pse Service
Service Discovery Service
Sim Access Service
SMS/MMS
LAPTOP-DH11VS26 Hands-Free AG
LAPTOP-DH11VS26 Hands-Free AG Audio
OPENEAR Septette Hands-Free AG
OPENEAR Septette Hands-Free AG Audio
GV-BT750  Hands-Free AG
GV-BT750 Hands-Free AG Audio
Paul's Galaxy S9+ Hands-Free HF
Paul's Galaxy S9+ Hands-Free HF Audio
PCI-to-PCI Bridge
PCI-to-PCI Bridge
PCI-to-PCI Bridge
Intel® Dual Band Wireless-AC 7265
Microsoft Wi-Fi Direct Virtual Adapter
Microsoft Wi-Fi Direct Virtual Adapter #2
PCI-to-PCI Bridge
Realtek PCIe GbE Family Controller #2
PCI-to-PCI Bridge
NVIDIA GeForce GTX 1050
Generic PnP Monitor
Generic PnP Monitor
High Definition Audio Controller
NVIDIA High Definition Audio
2070W (5- NVIDIA High Definition Audio)
2070W (5- NVIDIA High Definition Audio)
PCI-to-PCI Bridge
AMD PCI
AMD PSP 3.0 Device
Motherboard resources
AMD USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
USB Root Hub (USB 3.0)
Generic SuperSpeed USB Hub
Generic USB Hub
USB Input Device
HID-compliant mouse
USB Composite Device
USB Input Device
HID Keyboard Device
USB Input Device
HID-compliant consumer control device
HID-compliant system controller
PCI-to-PCI Bridge
AMD PCI
Standard SATA AHCI Controller
WDC WDS240G2G0B-00EPW0
High Definition Audio Controller
High Definition Audio Device
Digital Audio (S/PDIF) (High Definition Audio Device)
PCI standard ISA bridge
Communications Port (COM1)
Direct memory access controller
Motherboard resources
Programmable interrupt controller
System CMOS/real time clock
System speaker
System timer
Printer Port (LPT1)
Printer Port Logical Interface
CPU
AMD Ryzen 5
Cores 6
Threads 12
Name AMD Ryzen 5
Code Name Pinnacle Ridge
Package Socket AM4 (1331)
Technology 12nm
Specification AMD Ryzen 5 1600 Six-Core Processor
Family F
Extended Family 17
Model 8
Extended Model 8
Stepping 2
Revision PiR-B2
Instructions MMX (+), SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4A, AMD 64, NX, VMX, AES, AVX, AVX2, FMA3
Virtualization Supported, Enabled
Hyperthreading Supported, Enabled
Fan Speed 908 RPM
Bus Speed 100.0 MHz
Average Temperature 23 °C
Caches
L1 Data Cache Size 6 x 32 KBytes
L1 Instructions Cache Size 6 x 64 KBytes
L2 Unified Cache Size 6 x 512 KBytes
L3 Unified Cache Size 2 x 8192 KBytes
Cores
Core 0
Core Speed 2999.4 MHz
Multiplier x 30.0
Bus Speed 100.0 MHz
Temperature 23 °C
Threads APIC ID: 0, 1
Core 1
Core Speed 2999.4 MHz
Multiplier x 30.0
Bus Speed 100.0 MHz
Threads APIC ID: 2, 3
Core 2
Core Speed 2999.4 MHz
Multiplier x 30.0
Bus Speed 100.0 MHz
Threads APIC ID: 4, 5
Core 3
Core Speed 2939.4 MHz
Multiplier x 29.40
Bus Speed 100.0 MHz
Threads APIC ID: 8, 9
Core 4
Core Speed 3674.3 MHz
Multiplier x 36.75
Bus Speed 100.0 MHz
Threads APIC ID: 10, 11
Core 5
Core Speed 3699.3 MHz
Multiplier x 37.0
Bus Speed 100.0 MHz
Threads APIC ID: 12, 13
RAM
Memory slots
Total memory slots 4
Used memory slots 2
Free memory slots 2
Memory
Type DDR4
Size 8192 MBytes
Channels # Dual
DRAM Frequency 1199.3 MHz
CAS# Latency (CL) 17 clocks
RAS# to CAS# Delay (tRCD) 17 clocks
RAS# Precharge (tRP) 17 clocks
Cycle Time (tRAS) 39 clocks
Bank Cycle Time (tRC) 56 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 43 %
Total Physical 7.93 GB
Available Physical 4.52 GB
Total Virtual 11 GB
Available Virtual 6.84 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR4
Size 4096 MBytes
Manufacturer Unknown
Max Bandwidth DDR4-2400 (1200 MHz)
SPD Ext. XMP
Timing table
JEDEC #1
Frequency 727.3 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 24
tRC 34
Voltage 1.200 V
JEDEC #2
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 26
tRC 37
Voltage 1.200 V
JEDEC #3
Frequency 872.7 MHz
CAS# Latency 12.0
RAS# To CAS# 12
RAS# Precharge 12
tRAS 28
tRC 40
Voltage 1.200 V
JEDEC #4
Frequency 945.5 MHz
CAS# Latency 13.0
RAS# To CAS# 13
RAS# Precharge 13
tRAS 31
tRC 44
Voltage 1.200 V
JEDEC #5
Frequency 1018.2 MHz
CAS# Latency 14.0
RAS# To CAS# 14
RAS# Precharge 14
tRAS 33
tRC 47
Voltage 1.200 V
JEDEC #6
Frequency 1090.9 MHz
CAS# Latency 15.0
RAS# To CAS# 15
RAS# Precharge 15
tRAS 35
tRC 50
Voltage 1.200 V
JEDEC #7
Frequency 1163.6 MHz
CAS# Latency 16.0
RAS# To CAS# 16
RAS# Precharge 16
tRAS 38
tRC 54
Voltage 1.200 V
JEDEC #8
Frequency 1200.5 MHz
CAS# Latency 17.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #9
Frequency 1200.5 MHz
CAS# Latency 18.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #10
Frequency 1200.5 MHz
CAS# Latency 19.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #11
Frequency 1200.5 MHz
CAS# Latency 20.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #12
Frequency 1200.5 MHz
CAS# Latency 21.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
XMP-3002
Frequency 1501 MHz
CAS# Latency 16.0
RAS# To CAS# 18
RAS# Precharge 18
tRAS 36
Voltage 1.350 V
Slot #2
Type DDR4
Size 4096 MBytes
Manufacturer Unknown
Max Bandwidth DDR4-2400 (1200 MHz)
SPD Ext. XMP
Timing table
JEDEC #1
Frequency 727.3 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 24
tRC 34
Voltage 1.200 V
JEDEC #2
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 26
tRC 37
Voltage 1.200 V
JEDEC #3
Frequency 872.7 MHz
CAS# Latency 12.0
RAS# To CAS# 12
RAS# Precharge 12
tRAS 28
tRC 40
Voltage 1.200 V
JEDEC #4
Frequency 945.5 MHz
CAS# Latency 13.0
RAS# To CAS# 13
RAS# Precharge 13
tRAS 31
tRC 44
Voltage 1.200 V
JEDEC #5
Frequency 1018.2 MHz
CAS# Latency 14.0
RAS# To CAS# 14
RAS# Precharge 14
tRAS 33
tRC 47
Voltage 1.200 V
JEDEC #6
Frequency 1090.9 MHz
CAS# Latency 15.0
RAS# To CAS# 15
RAS# Precharge 15
tRAS 35
tRC 50
Voltage 1.200 V
JEDEC #7
Frequency 1163.6 MHz
CAS# Latency 16.0
RAS# To CAS# 16
RAS# Precharge 16
tRAS 38
tRC 54
Voltage 1.200 V
JEDEC #8
Frequency 1200.5 MHz
CAS# Latency 17.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #9
Frequency 1200.5 MHz
CAS# Latency 18.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #10
Frequency 1200.5 MHz
CAS# Latency 19.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #11
Frequency 1200.5 MHz
CAS# Latency 20.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
JEDEC #12
Frequency 1200.5 MHz
CAS# Latency 21.0
RAS# To CAS# 17
RAS# Precharge 17
tRAS 39
tRC 55
Voltage 1.200 V
XMP-3002
Frequency 1501 MHz
CAS# Latency 16.0
RAS# To CAS# 18
RAS# Precharge 18
tRAS 36
Voltage 1.350 V
Motherboard
Manufacturer Micro-Star International Co. Ltd.
Model B450M MORTAR MAX (MS-7B89) (AM4)
Version 1.0
Chipset Vendor AMD
Chipset Model Ryzen SOC
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model B450
Southbridge Revision 51
System Temperature 24 °C
BIOS
Brand American Megatrends Inc.
Version 2.B0
Date 30/11/2020
Voltage
VDDP 0.000 V
CPU CORE 1.192 V
DRAM 1.216 V
+12V 12.192 V
+5V 5.040 V
NB/SoC 0.880 V
+3.3V 3.392 V
PCI Data
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x16
Slot Designation J6B2
Characteristics 3.3V, Shared, PME
Slot Number 0
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J6B1
Characteristics 3.3V, Shared, PME
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J6D1
Characteristics 3.3V, Shared, PME
Slot Number 2
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J7B1
Characteristics 3.3V, Shared, PME
Slot Number 3
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J8B4
Characteristics 3.3V, Shared, PME
Slot Number 4
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J8D1
Characteristics 3.3V, Shared, PME
Slot Number 5
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation J8B3
Characteristics 3.3V, Shared, PME
Slot Number 6
Slot PCI-E x16
Slot Type PCI-E x16
Slot Usage In Use
Data lanes x16
Slot Designation J10
Characteristics 3.3V, PME
Slot Number 7
Slot PCI-E x8
Slot Type PCI-E x8
Slot Usage Available
Data lanes x8
Slot Designation J3600 Pcie x8 slot
Characteristics 3.3V, PME
Slot Number 8
Slot PCI-E x4
Slot Type PCI-E x4
Slot Usage Other
Data lanes x4
Slot Designation J3707 Pcie x4 slot
Characteristics 3.3V, PME
Slot Number 9
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Data lanes x4
Slot Designation J3700 PCIE x4 slot from Promontory
Characteristics 3.3V, PME
Slot Number 10
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Data lanes x1
Slot Designation J3702 PCIE x1 slot from Promontory
Characteristics 3.3V, PME
Slot Number 11
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Data lanes x1
Slot Designation J3703 PCIE x1 slot from Promontory
Characteristics 3.3V, PME
Slot Number 12
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J3701 M.2 WLAN/BT slot
Characteristics 3.3V, PME
Slot Number 13
Graphics
Monitor 1
Name 2070W on NVIDIA GeForce GTX 1050
Current Resolution 1536x864 pixels
Work Resolution 1536x824 pixels
State Enabled
Multiple displays Extended, Secondary, Enabled
Monitor Width 1920
Monitor Height 1080
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Monitor 2
Name 2070W on NVIDIA GeForce GTX 1050
Current Resolution 1536x864 pixels
Work Resolution 1536x824 pixels
State Enabled
Multiple displays Extended, Primary, Enabled
Monitor Width 1920
Monitor Height 1080
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY2\Monitor0
NVIDIA GeForce GTX 1050
Manufacturer NVIDIA
Model GeForce GTX 1050
Device ID 10DE-1C81
Revision A2
Subvendor ASUStek Computer Inc (1043)
Current Performance Level Level 0
Current GPU Clock 139 MHz
Current Memory Clock 405 MHz
Current Shader Clock 405 MHz
Voltage 0.675 V
Technology 14 nm
Bus Interface PCI Express x16
Temperature 21 °C
Driver version 32.0.15.6590
BIOS Version 86.07.39.40.1e
Physical Memory 2047 MB
Virtual Memory 2048 MB
Count of performance levels : 1
Level 1 - "Perf Level 0"
GPU Clock 961 MHz
Shader Clock 3504 MHz
Storage
Hard drives
WDC WDS240G2G0B-00EPW0 (SSD)
Manufacturer Western Digital
Form Factor GB/2.5- to 3.5-inch adapter
Interface/Connector ATA/100 with 40-pin IDE connector
Heads 16
Cylinders 29,186
Tracks 7,442,430
Sectors 468,873,090
SATA type SATA-III 6.0Gb/s
Device type Fixed
ATA Standard ACS2
Serial Number 194255802146
Firmware Version Number UJ510000
LBA Size 48-bit LBA
Power On Count 4267 times
Power On Time 476.0 days
Speed Not used (SSD Drive)
Features S.M.A.R.T., APM, NCQ, TRIM, SSD
Max. Transfer Mode SATA III 6.0Gb/s
Used Transfer Mode SATA III 6.0Gb/s
Interface SATA
Capacity 223 GB
Real size 240,065,183,744 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 23 °C
Temperature Range OK (less than 50 °C)
S.M.A.R.T attributes
05
Attribute name Reallocated Sectors Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
09
Attribute name Power-On Hours (POH)
Real value 476d 0h
Current 100
Worst 100
Threshold 0
Raw Value 0000002CA0
Status Good
0C
Attribute name Device Power Cycle Count
Real value 4,267
Current 100
Worst 100
Threshold 0
Raw Value 00000010AB
Status Good
A5
Attribute name Maximum Erase Count
Real value 12,578
Current 100
Worst 100
Threshold 0
Raw Value 0000003122
Status Good
A6
Attribute name Minimum Erase Count
Real value 71
Current 100
Worst 100
Raw Value 0000000047
Status Good
A7
Attribute name Average Erase Count
Real value 0
Current 100
Worst 100
Raw Value 0000000000
Status Good
AA
Attribute name Reserved Block Count
Real value 0
Current 100
Worst 100
Raw Value 0000000000
Status Good
AB
Attribute name Program Fail Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
AC
Attribute name Erase Fail Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
AD
Attribute name Wear Leveling Count
Real value 71
Current 100
Worst 100
Threshold 0
Raw Value 0000000047
Status Good
AE
Attribute name Unexpected Power Loss
Real value 58
Current 100
Worst 100
Threshold 0
Raw Value 000000003A
Status Good
B8
Attribute name End-to-End error / IOEDC
Real value 0
Current 100
Worst 100
Raw Value 0000000000
Status Good
BB
Attribute name Reported Uncorrectable Errors
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BC
Attribute name Command Timeout
Real value 0
Current 100
Worst 100
Raw Value 0000000000
Status Good
C2
Attribute name Temperature
Real value 23 °C
Current 77
Worst 55
Threshold 0
Raw Value 0000020017
Status Good
C7
Attribute name UltraDMA CRC Error Count
Real value 0
Current 100
Worst 100
Raw Value 0000000000
Status Good
E6
Attribute name GMR Head Amplitude
Real value 38,882,575,131,485
Current 100
Worst 100
Threshold 0
Raw Value 000E14235D
Status Good
E8
Attribute name Endurance Remaining
Real value 100
Current 100
Worst 100
Threshold 5
Raw Value 0000000064
Status Good
E9
Attribute name Power-On Hours (POH)
Real value 720d 23h
Current 100
Worst 100
Raw Value 0000004397
Status Good
EA
Attribute name Average Erase Count, Max Erase Count
Real value 95,909
Current 100
Worst 100
Threshold 0
Raw Value 00000176A5
Status Good
F1
Attribute name Total LBAs Written
Real value 33,040
Current 100
Worst 100
Threshold 0
Raw Value 0000008110
Status Good
F2
Attribute name Total LBAs Read
Real value 32,481
Current 100
Worst 100
Threshold 0
Raw Value 0000007EE1
Status Good
Partition 0
Partition ID Disk #0, Partition #0
File System FAT32
Volume Serial Number 987D2DEE
Size 96 MB
Used Space 26.8 MB (27%)
Free Space 69 MB (73%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 2A846946
Size 223 GB
Used Space 162 GB (72%)
Free Space 60 GB (28%)
Optical Drives
No optical disk drives detected
Audio
Sound Cards
High Definition Audio Device
NVIDIA High Definition Audio
Playback Devices
2070W (5- NVIDIA High Definition Audio) (default)
Digital Audio (S/PDIF) (High Definition Audio Device)
2070W (5- NVIDIA High Definition Audio) (default)
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Unknown
Location USB Input Device
Driver
Date 6-21-2006
Version 10.0.19041.1
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Unknown
Location USB Input Device
Driver
Date 6-21-2006
Version 10.0.19041.1
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Microsoft Print to PDF
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft Print To PDF (v6.03)
Driver Path C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_3c5b87ca6a561f32\Amd64\mxdwdrv.dll
Microsoft XPS Document Writer
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer v4 (v6.03)
Driver Path C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_3c5b87ca6a561f32\Amd64\mxdwdrv.dll
OneNote
Printer Port Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe_microsoft.onenoteim_S-1-5-21-1357561984-4161033644-3417195034-1001
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Microsoft Software Printer Driver (v6.03)
Driver Path C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_3c5b87ca6a561f32\Amd64\mxdwdrv.dll
OneNote for Windows 10
Printer Port Microsoft.Office.OneNote_16001.14326.22094.0_x64__8wekyb3d8bbwe_microsoft.onenoteim_S-1-5-21-1357561984-4161033644-3417195034-1001
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Microsoft Software Printer Driver (v6.03)
Driver Path C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_3c5b87ca6a561f32\Amd64\mxdwdrv.dll
XP-2200 Series(Network) (Default Printer)
Printer Port EP396DEA:XP-2200 SERIES
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 360 * 360 dpi Color
Status Unknown
Driver
Driver Name EPSON XP-2200 Series (v3.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\E1YMAIBJE.DLL
Network
You are connected to the internet
Connected through Intel Dual Band Wireless-AC 7265
IP Address 192.168.1.174
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 81.178.129.123
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 Bps
Computer Name
NetBIOS Name PC
DNS Name PC
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 8
Wi-Fi ()
SSID
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time Not supported
Wi-Fi (EE-ZJ8C7F)
SSID EE-ZJ8C7F
Frequency 2437000 kHz
Channel Number 6
Name EE-ZJ8C7F
Signal Strength/Quality 33
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (SKYADZAB)
SSID SKYADZAB
Frequency 5180000 kHz
Channel Number 36
Name SKYADZAB
Signal Strength/Quality 63
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (SKYDE3DE)
SSID SKYDE3DE
Frequency 2437000 kHz
Channel Number 6
Name SKYDE3DE
Signal Strength/Quality 93
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (SKYGTMZN)
SSID SKYGTMZN
Frequency 2462000 kHz
Channel Number 11
Name SKYGTMZN
Signal Strength/Quality 50
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (TNCAP2AE996)
SSID TNCAP2AE996
Frequency 5320000 kHz
Channel Number 64
Name TNCAP2AE996
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Three_876465)
SSID Three_876465
Frequency 5240000 kHz
Channel Number 48
Name Three_876465
Signal Strength/Quality 86
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (vodafone28F766)
SSID vodafone28F766
Frequency 2437000 kHz
Channel Number 6
Name vodafone28F766
Signal Strength/Quality 46
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Enabled
Bluetooth Device (Personal Area Network)
Connection Name Bluetooth Network Connection
DHCP enabled Yes
MAC Address A4-02-B9-06-72-F9
HotspotShield TAP-Windows Adapter V9
Connection Name HotspotShield Network Adapter
DHCP enabled No
MAC Address 00-FF-18-36-5F-CA
Intel® Dual Band Wireless-AC 7265
Connection-specific DNS Suffix lan
Connection Name WiFi
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address A4-02-B9-06-72-F5
IP Address 192.168.1.174
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
DHCP 192.168.1.1
DNS Server 192.168.1.1
Realtek PCIe GbE Family Controller #2
Connection Name Ethernet 2
DHCP enabled Yes
MAC Address 2C-F0-5D-A7-4C-FC
Network Shares
No network shares
Current TCP Connections
bdservicehost.exe (2036)
Local 192.168.1.174:49876 ESTABLISHED Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 127.0.0.1:49677 ESTABLISHED Remote 127.0.0.1:49678 (Querying... )
Local 192.168.1.174:49822 ESTABLISHED Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49996 ESTABLISHED Remote 104.17.107.108:443 (Querying... ) (HTTPS)
Local 127.0.0.1:49678 ESTABLISHED Remote 127.0.0.1:49677 (Querying... )
bdservicehost.exe (2840)
Local 127.0.0.1:49669 ESTABLISHED Remote 127.0.0.1:49668 (Querying... )
Local 192.168.1.174:49899 ESTABLISHED Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 127.0.0.1:49668 ESTABLISHED Remote 127.0.0.1:49669 (Querying... )
bdservicehost.exe (2876)
Local 192.168.1.174:49845 ESTABLISHED Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 127.0.0.1:49673 ESTABLISHED Remote 127.0.0.1:49672 (Querying... )
Local 127.0.0.1:49672 ESTABLISHED Remote 127.0.0.1:49673 (Querying... )
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (1180)
Local 192.168.1.174:49948 ESTABLISHED Remote 204.79.197.239:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49947 ESTABLISHED Remote 62.24.251.50:443 (Querying... ) (HTTPS)
C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe (11552)
Local 127.0.0.1:49773 ESTABLISHED Remote 127.0.0.1:49772 (Querying... )
Local 127.0.0.1:49772 ESTABLISHED Remote 127.0.0.1:49773 (Querying... )
C:\Program Files\CCleaner\CCleaner64.exe (12340)
Local 192.168.1.174:49788 ESTABLISHED Remote 35.233.244.198:7500 (Querying... )
C:\Windows\System32\smartscreen.exe (14152)
Local 192.168.1.174:50005 ESTABLISHED Remote 13.87.96.169:443 (Querying... ) (HTTPS)
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe (10384)
Local 192.168.1.174:49810 LAST-ACK Remote 92.123.128.165:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49752 LAST-ACK Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49998 ESTABLISHED Remote 92.123.128.165:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49999 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50000 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50001 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50002 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50003 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50004 ESTABLISHED Remote 92.123.128.166:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50006 ESTABLISHED Remote 204.79.197.222:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50007 ESTABLISHED Remote 172.202.64.254:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50008 ESTABLISHED Remote 150.171.74.254:443 (Querying... ) (HTTPS)
Local 192.168.1.174:50009 ESTABLISHED Remote 152.199.21.118:443 (Querying... ) (HTTPS)
lsass.exe (1152)
Local 0.0.0.0:49664 LISTEN
services.exe (1132)
Local 0.0.0.0:49681 LISTEN
spoolsv.exe (4888)
Local 0.0.0.0:49676 LISTEN
svchost.exe (1472)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (1836)
Local 0.0.0.0:49666 LISTEN
svchost.exe (2232)
Local 0.0.0.0:49667 LISTEN
svchost.exe (5216)
Local 192.168.1.174:49717 ESTABLISHED Remote 20.90.152.133:443 (Querying... ) (HTTPS)
svchost.exe (8148)
Local 0.0.0.0:5040 LISTEN
System Process
Local 127.0.0.1:49792 TIME-WAIT Remote 127.0.0.1:49791 (Querying... )
Local 192.168.1.174:49955 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49985 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49953 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49945 TIME-WAIT Remote 34.160.176.28:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49946 TIME-WAIT Remote 34.117.223.223:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49984 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49983 TIME-WAIT Remote 34.54.215.149:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49982 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49986 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49981 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49979 TIME-WAIT Remote 34.54.215.149:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49977 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49975 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49973 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49968 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49967 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49966 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49964 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 127.0.0.1:49950 TIME-WAIT Remote 127.0.0.1:49949 (Querying... )
Local 127.0.0.1:49952 TIME-WAIT Remote 127.0.0.1:49951 (Querying... )
Local 127.0.0.1:49970 TIME-WAIT Remote 127.0.0.1:49969 (Querying... )
Local 127.0.0.1:49972 TIME-WAIT Remote 127.0.0.1:49971 (Querying... )
Local 192.168.1.174:49963 TIME-WAIT Remote 34.54.215.149:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49721 TIME-WAIT Remote 104.17.107.108:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49962 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49965 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49961 TIME-WAIT Remote 34.120.68.241:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49959 TIME-WAIT Remote 34.54.215.149:443 (Querying... ) (HTTPS)
Local 192.168.1.174:49957 TIME-WAIT Remote 34.149.211.227:443 (Querying... ) (HTTPS)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 192.168.1.174:139 (NetBIOS session service) LISTEN
wininit.exe (1052)
Local 0.0.0.0:49665 LISTEN
Generated with Speccy v1.32.803
 

  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

In the BIOS setup starting at page 38 of 

https://download-2.m...b/E7B89v1.1.pdf

 

there are  options on Page 48 under Wake Up Event Setup

i that might have an effect.

 

Wake Up Event By [BIOS]; Try changing this to OS.

Verify the rest are disabled.

 

Resume From S3/S4/S5 by PS/2 Mouse [Disabled]  Leave Disabled.

If you make any changes make sure you Save and Exit.

 

IF that doesn't help:

 

Try the chipset software first:

 

https://download.msi...ers_am4_tr4.zip

 

Download, Save, go to the Download folder right click on the file and Extract All.  Extract.  Then double click on the folder and right click ont he file then Run As Admin.

 

 

If that doesn't help then try the BIOS update. 

 

https://www.msi.com/...AX/support#bios

 

I'd try the latest non-beta version first.  7B89v2M.  If that doesn't help then try the 7B89v2N2(Beta version)

 

This needs a blank USB drive (just needs to be bigger than 32 MB).  Plug it in first. Once you extract the file, double click on the folder and find E7B89AMS.2M0.  Copy it and paste it to your USB Drive.

 

Then follow the instructions https://storage-asse...sh_the_BIOS.pdf


  • 0

#12
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Ok, I got into the BIOS and changed the Wake Up Event to OS.  That seemed to sort it.  I have restarted the Pc 3 times and each time the Pc has closed down just as it should.
 
Then I went back into the BIOS and looked for 'Resume From S3/S4/S5 by PS/2 Mouse', but I can't find any mention of it in the BIOS search which is where I found the options for the 'Wake Up Event'.  Am I looking in the wrong place?
 
UPDATE: 
The Pc has just closed down and then rebooted of its own accord. 
 
Then I tried to close it down and it rebooted rather than shutting down.  
I have just closed it down and restarted it three time and it has behaved perfectly each time.
 
There just doesn't seem to be any rhyme or reason to it.
 
ANOTHER UPDATE: 
It's now closing down more frequently and with shorter periods between open and close.  Some as short as a couple of minutes.
 
UPDATE  III:
Now it is repeatedly opening/closing with about 1 minute in between.  It even closes and then reopens when I don't enter my password.
 
I did say that I hoped you like a challenge.  :(
 
 
Regards
Paul

Edited by ClearGreen, 11 January 2025 - 05:44 AM.

  • 0

#13
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Hi

 

I know this is just a stab in the dark, but could this problem have anything to do with a timer in the Pc or some part of it getting too hot.  It's just that I've notice over the last couple of days the spasmodic rebooting doesn't seem to happen if the Pc is only on for a shot time.  Today I turned it on and just left it for the most part and just now it's rebooted several times after basically sitting idle for about 4 hours.

 

Just a thought.

 

Anyway, do you want me to carry out THE instructions in your last reply in spite of the fact that I couldn't find the 'Resume From S3/S4/S5 by PS/2 Mouse' part in the BIOS?

 

Kind regards

Paul


Edited by ClearGreen, 12 January 2025 - 09:13 AM.

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,713 posts
  • MVP

We may need to try the other items especially since it seemed to have a positive effect when you played with the BIOS but you can usually check your temps with Speedfan.  Hasn't been updated in a while but still seems to work on most PCs.

 

 
(Download Latest Version)
 
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click on the desktop shortcut and Run As Admin.).
 
sf1.JPG
 
It will tell you your temps in real time in the systray when you minimize it tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp (that changes - sometimes it picks up a high constant value that has to be ignored)  and check Show in tray. 
 
Make it easier to read:  Click on (Configure) Options then change the Icon Text to Yellow.
sf2.JPG
 
Win 10 hides icons by default so: Settings, Personalization,  Taskbar, Select which Icons appear on Taskbar,  then turn Speedfan ON.
 
I would record the temps before each shutdown and see if there is a connection.
 
Normally a desktop should be around 40 C at idle.  Shouldn't climb much the longer it is on but a heavy load (Play a video or do a virus scan) might  raise it to about 65 C.  Much over that and we need to do some cleaning of the CPU heatsink however Speccy showed a pretty low temp so I wouldn't get your hopes up.
 

  • 0

#15
ClearGreen

ClearGreen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Okay.  I've looked again for the 'Resume From S3/….', but couldn't find it in the BIOS. 

 

Then I carried on and installed the SpeedFan software.  The problem is, I can't seem to make it look like the image you posted up.  I suspect I am only getting the default HD reading rather than the required Desktop temperature.  When I go into 'Configure' there is only one reading showing and that, I suspect, is the HD reading at about 26-27C.

 

SpeedFanI.png

 

 SpeedFanII.png

 

Then I went back and installed the Chipset software and updated the BIOS.  Both I think were successful, but how to be sure is another matter.

 

So far this morning there hasn't been any random restarts so far.  I guess that's a good thing.

 

Regards

Paul


Edited by ClearGreen, 13 January 2025 - 12:15 PM.

  • 0






Similar Topics

5 user(s) are reading this topic

0 members, 5 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP