I can't remove Yahoo search from Google Chrome or Edge on my Windows 11 desktop pc
- Thread starter vg1234
- Start date
- Status
- Mar 9, 2017
- 636
Hello..! Welcome to MalwareTips..! 
My name is icotonev and I'm here to help you remove malware ..! Before we begin, please note the following:
For the analysis of your system I also need the FRST.txt file..Please attach it in your next post..! Thanks ..!
My name is icotonev and I'm here to help you remove malware ..! Before we begin, please note the following:
- First, please keep in mind most of us at MalwareTips volunteer our assistance for your benefit in your time of need. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
- It is important to not run any tools or take any steps other than those I will provide for you.Also, do not uninstall or install any software during the procedure, unless I ask you to do so.
- Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.
- Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
- Please attach all logs into your post unless otherwise requested.
- When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
- If you do not reply to your topic after 3 days I will assume it has been abandoned and I will close it.
For the analysis of your system I also need the FRST.txt file..Please attach it in your next post..! Thanks ..!
- Mar 9, 2017
- 636
Thank you..!
Running Microsoft Edge Without Extensions and Checking Sync Status
Disabling Extensions in Google Chrome and Checking Sync Status
Malwarebytes AdwCleaner
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
Running Microsoft Edge Without Extensions and Checking Sync Status
- Launch Edge
- Type edge://settings/profiles/sync in the address bar and hit Enter
- Under your user name report whether it indicates Sync is on or Turn on Sync
- Close Edge
- Press the Windows Key + R at the same time
- Copy and paste the below in the Run box
Code:
msedge --disable-extensions- Click OK
- Check the browser performance and report the results
Disabling Extensions in Google Chrome and Checking Sync Status
- Open Chrome
- Copy and paste the following in the address bar then hit Enter
Code:
chrome://settings/syncSetup- To the right of your profile name if you see Turn off, click on it. If it says Turn on sync leave the setting as is
- Close, then reopen Chrome
- Press the Windows Key + R at the same time
- Copy and paste the following into the Open: box
Code:
chrome --disable-extensions- Click OK
- Select your main user profile
- Check the browser performance and report the results in your reply
Malwarebytes AdwCleaner
- Please download AdwCleaner and save it to your Desktop
- Close all open programs and browsers
- Right click on the icon and select Run as administrator
- Click Scan now
- Uncheck any detected items you would to keep then click Next
- If a Preinstalled software was found! screen appears review it if you'd like then click OK
- Review the list of Preinstalled software and place a check mark in those you do not wish to keep
- Click Quarantine, then Continue
- When completed click View Log File
- Copy and paste the contents in your reply
- Close the AdwCleaner window
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
- Jan 3, 2025
- 17
In Edge, Sync is on.
Following running < msedge --disable-extensions >, Edge still shows Yahoo search. The default Bing search engine is selected in Settings and Yahoo is deleted.
In Chrome, following running < chrome --disable-extensions > Chrome still shows Yahoo search. The default Google search engine is selected in Settings and Yahoo is deleted.
I ran AdwCleaner. It showed clean. I selected to quarantine the preinstalled software, but I got a system crash. I rebooted, ran it again and it apparently succeeded. The three log files are pasted below.
I ran FRST with the fix file and the results are pasted at the bottom.
Following running < msedge --disable-extensions >, Edge still shows Yahoo search. The default Bing search engine is selected in Settings and Yahoo is deleted.
In Chrome, following running < chrome --disable-extensions > Chrome still shows Yahoo search. The default Google search engine is selected in Settings and Yahoo is deleted.
I ran AdwCleaner. It showed clean. I selected to quarantine the preinstalled software, but I got a system crash. I rebooted, ran it again and it apparently succeeded. The three log files are pasted below.
I ran FRST with the fix file and the results are pasted at the bottom.
Last edited by a moderator:
- Mar 9, 2017
- 636
Turn off sync..!
:max_bytes(150000):strip_icc()/resetedge-5165db6a9625428bb82bbc7965fb8009.jpg)
How to Reset Microsoft Edge
To reset the Microsoft Edge browser to its original state, you need to restore settings and clear out personal data like favorites and passwords.
or follow these steps:
- On your computer, open Chrome.
- At the top right, select Profile
Sync is on.
- Select Turn off.
- On your computer, open Chrome.
- Go to chrome.google.com/sync.
- Select Delete data.
Sign in and sync in Chrome - Computer - Google Chrome Help
When you sign in to Chrome with your Google Account, you can get your info on all your devices and use additional Chrome features. When you sign in You can get your bookmarks, passwords, and
support.google.com
You can delete your Chrome browsing history and other browsing data, like saved form entries, or just delete data from a specific date.
- On your computer, open Chrome.
- At the top right, click More
Delete browsing data.
- Choose a time range, like Last hour or All time.
- Select the types of information you want to remove.
- Click Delete data.
- If you delete cookies while signed in to Chrome, you won't be signed out of your Google Account.
Delete browsing data in Chrome - Android - Google Chrome Help
You can delete your Chrome browsing history and other browsing data, like saved form entries, or just delete data from a specific date. What happens to your info Data th
support.google.com
To reset or restore Chrome settings to default in Windows 11, do the following:
- Open Chrome.
- Type chrome://settings in address bar
- Hit Enter.
- Scroll towards the end and click on Advanced settings.
- Toward the end, you will see Restore settings to their original defaults.
- Click on the button to restore to open the Reset settings panel
- Click on Reset settings button.
Reset Chrome settings to default - Google Chrome Help
You can restore your browser settings in Chrome at any time. You might need to do this if apps or extensions you installed changed your settings without your knowledge. Your saved bookmarks and passwo
support.google.com
:max_bytes(150000):strip_icc()/GettyImages-769719673-5a996fffeb97de0036aab0c9.jpg)
How to Reset Google Chrome to Its Default State
Use this tutorial to use Chrome Advanced Settings to reset Google Chrome browser to its default state in Chrome OS, OS X, and Windows platforms.
Next ....:
Fresh FRST logs
Please run FRST tool once more, and attach for me fresh logs:
- Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
- Press Scan button and wait for a while.
- The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
- Please attach these two logs in your next reply.
- Fresh FRST logs
Last edited:
- Jan 3, 2025
- 17
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025
Ran by Vince (administrator) on DESKTOP-VJUNE20 (Dell Inc. XPS 8940) (04-01-2025 15:44:20)
Running from C:\Users\Vince\OneDrive\Desktop\FRST64.exe
Loaded Profiles: Vince
Platform: Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxEMN.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_b403dc0201a474ed\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cde08185192dc86d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c20ce9ae4ce56285\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_45da76e5d6aa50af\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vince\AppData\Local\Microsoft\OneDrive\24.226.1110.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe [1649504 2023-03-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3297664 2024-10-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9237896 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 9\MMReminderService.exe [38240 2011-02-11] (Mindjet -> Mindjet)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-11] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\Run: [MicrosoftEdgeAutoLaunch_4AFAF161DF58B152F72919B1ECF6E7B4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {D54C57C9-101E-4A13-970C-592A308CAD6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {168712E5-0CC0-4226-B1E9-7E80DF0C6AE1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {42669BC1-C69E-4E97-835E-10936A340EC4} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4455336 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {09467FFE-8F25-41A5-97F2-4F9B01FF33E3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B2186F2C-9A35-423E-B75F-594587C6EECA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29CEE9C9-FDA8-459E-9F21-4B3AF7D4DD06} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46036F2A-CE35-4BF1-A445-52E58C8CE597} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {504044B1-CB3D-4D84-B3BE-BC73CA579589} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-18] (HP Inc. -> HP Inc.)
Task: {52D7DA99-F4F7-45EC-9582-A0A1483D0E60} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-18] (HP Inc. -> HP Inc.)
Task: {AC9179C7-D719-47E3-B13F-C9266A5D8ED2} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2024-12-05] (Adobe Inc. -> Adobe Inc.)
Task: {F37D447C-6DC5-41B0-9D4E-18A8032A9056} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {60723F4D-DE3F-4174-ADDF-516B51BF2C27} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {305F5298-4DAD-4086-9B77-9305989298C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EAFEC4D-AE96-465D-A673-328704A7545E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {491CC548-3BCD-4911-8BDC-2908FAC3FE1C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A974AA07-5270-4510-8EC4-51AE1533FA1A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A0F15CA-A86E-4720-84C3-F2EF4E6E69F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98919F02-9F42-4B1F-9BCF-3061F6DDF56D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E02A3177-D979-4120-9182-D5DE8AB21895} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60A56495-3691-4903-88ED-B3E4050534AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4E90CC5D-CF17-4948-AD96-C784AFDF8BD9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A9B10345-1612-4905-9E3A-1CBF71F8C404} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F183FCDC-C973-46CB-BB45-F394A4846C17} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B8D0C825-DC85-406D-9E64-C1901C40A293} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {277DA4AD-6FB1-43F9-AC99-51BB0FBFAB91} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3203ECFA-174E-4350-BD31-7B02CDED5E44} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81135FBA-1469-4E35-8E9B-43DC9B2B83EA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DDC3A034-BD2A-4039-AB3E-B7B66B2F1766} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97BF9D2D-2E71-4E13-9880-BC701E03C8D0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {006318A0-D8A2-467C-B6F5-CA5908F953F4} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-737299158-121734914-1222051215-1001 => C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2024-11-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{294cba98-ee38-4b44-aeac-fc55fed279c7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{294cba98-ee38-4b44-aeac-fc55fed279c7}: [DhcpDomain] Home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04]
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-10-23]
Edge Extension: (Google Docs Offline) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default [2025-01-04]
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "","hxxps://google.com/"
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
CHR Extension: (Karoo Route Grab) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgakapefkckdimkoglpoooaamfpfhld [2023-07-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-10-24]
CHR Extension: (Norton Safe) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-03]
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-01-04]
CHR DefaultSearchURL: Guest Profile -> hxxps://www.query-redir.com/r.html?q={searchTerms}&guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=addresbar&g=925&t=100&brw=c
CHR DefaultSearchKeyword: Guest Profile -> www.query-redir.com
CHR DefaultNewTabURL: Guest Profile -> hxxps://www.query-redir.com/index.html?guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=newtab&g=925&t=100&brw=c
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-01-04]
CHR HomePage: Profile 1 -> hxxps://
CHR StartupUrls: Profile 1 -> "hxxps://"
CHR DefaultSearchURL: Profile 1 -> hxxps://www.query-redir.com/r.html?q={searchTerms}&guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=addresbar&g=925&t=100&brw=c&legacy=aHR0cHM6Ly9zZWFyY2gtZ3JlYXQuY29tL3NlYXJjaD9zdWJpZD0xMTExOSZ1PTc5Y2NkZWVlZTYxNTc5NWUmY2hhbm5lbD1kZWZhdWx0JmtleXdvcmQ9JXM=
CHR DefaultSearchKeyword: Profile 1 -> www.query-redir.com
CHR DefaultNewTabURL: Profile 1 -> hxxps://www.query-redir.com/index.html?guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=newtab&g=925&t=100&brw=c&legacy=aHR0cHM6Ly9ocC1zZWFyY2guY29tLz9wYXRoPWNocm9tZS9uZXd0YWImdT03OWNjZGVlZWU2MTU3OTVlJnN1YmlkPTExMTE5JmNoYW5uZWw9ZGVmYXVsdA==
CHR Extension: (Slides) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-20]
CHR Extension: (Sheets) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-20]
CHR Extension: (Google Docs Offline) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-20]
CHR Extension: (Chrome Media Router) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-20]
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-11] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [460176 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [154512 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [482704 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59632 2024-10-29] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [154544 2024-11-14] (Dell Technologies Inc. -> Dell)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\214.4.5217\DropboxElevationService.exe [1659280 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-18] (HP Inc. -> HP Inc.)
R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-07-13] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-07-13] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-11] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 SupportAssistAgent; "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [149864 2020-06-18] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [44472 2024-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-07-13] (Intel Corporation -> Rivet Networks, LLC.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl9be86aa3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D8431D8-831F-4C19-9FFA-674A93B4E066}\MpKslDrv.sys [267552 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld0c45c0e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D8431D8-831F-4C19-9FFA-674A93B4E066}\MpKslDrv.sys [267552 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-04 15:44 - 2025-01-04 15:44 - 002403840 _____ (Farbar) C:\Users\Vince\OneDrive\Desktop\FRST64.exe
2025-01-04 15:44 - 2025-01-04 15:44 - 000000000 ___RD C:\Users\Vince\OneDrive\Desktop\FRST-OlderVersion
2025-01-04 11:20 - 2025-01-04 11:25 - 000011501 _____ C:\Users\Vince\OneDrive\Desktop\Fixlog.txt
2025-01-04 11:08 - 2025-01-04 11:26 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-04 11:04 - 2025-01-04 11:04 - 008790880 _____ (Malwarebytes) C:\Users\Vince\OneDrive\Desktop\adwcleaner.exe
2025-01-03 14:45 - 2025-01-03 14:46 - 000049291 _____ C:\Users\Vince\OneDrive\Desktop\Addition.txt
2025-01-03 14:43 - 2025-01-04 15:44 - 000034591 _____ C:\Users\Vince\OneDrive\Desktop\FRST.txt
2025-01-03 14:42 - 2025-01-04 15:44 - 000000000 ____D C:\FRST
2025-01-03 14:32 - 2025-01-04 15:42 - 000000000 ____D C:\Users\Vince\AppData\Local\Malwarebytes
2025-01-03 14:32 - 2025-01-03 14:32 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-02 10:09 - 2025-01-02 10:10 - 000000000 ___RD C:\Users\Vince\OneDrive\Documents\My Data Sources
2024-12-23 17:50 - 2024-12-23 17:50 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2024-12-23 17:49 - 2024-12-23 17:49 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2025.lnk
2024-12-23 17:46 - 2024-12-23 17:50 - 000000000 ___HD C:\adobeTemp
2024-12-21 19:03 - 2024-12-21 19:03 - 000084992 _____ C:\Users\Vince\Downloads\MASTERLIST April 2024 - March 2025 (Newest).xlsx
2024-12-19 09:42 - 2024-12-19 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-12-17 11:55 - 2024-12-17 11:55 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-12-16 11:08 - 2024-12-16 11:08 - 000016587 _____ C:\Users\Vince\Downloads\Booking System Upload Data Sheet Dec 24.xlsx
2024-12-14 18:47 - 2024-12-14 18:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-14 11:18 - 2024-12-14 11:18 - 000009549 _____ C:\Users\Vince\Downloads\family 1 response.xlsx
2024-12-13 13:23 - 2024-12-13 13:23 - 001364521 _____ C:\Users\Vince\Downloads\PatientRegistrationForm13-12-24 09-41.pdf
2024-12-13 10:32 - 2024-12-13 10:32 - 000002264 _____ C:\Users\Vince\AppData\LocalLow\c6fd0b40e3699e455c033fee715597271d5deb4392f8f1def83e8f83d8fc53ab
2024-12-12 22:08 - 2024-12-12 22:08 - 000029533 _____ C:\Users\Vince\Downloads\DutyManMembers_241208.csv
2024-12-12 16:56 - 2024-12-12 16:56 - 000002333 _____ C:\Users\Vince\Downloads\list-2912197.csv
2024-12-12 14:30 - 2024-12-12 14:30 - 000000000 ____D C:\Users\Vince\AppData\Local\NEO
2024-12-12 11:14 - 2024-12-12 11:14 - 000002298 _____ C:\Users\Vince\Downloads\sample-import.csv
2024-12-12 11:13 - 2024-12-12 11:13 - 000000509 _____ C:\Users\Vince\Downloads\sample-import (1).csv
2024-12-12 10:14 - 2024-09-24 20:00 - 000786928 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2024-12-12 10:14 - 2024-09-24 20:00 - 000671656 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000982280 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000740872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000624768 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000483912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2024-12-12 10:14 - 2024-09-24 19:58 - 000623400 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 027987008 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 020710928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 002041968 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000798272 _____ C:\WINDOWS\system32\ze_loader.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000563560 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000430144 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000290280 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2024-12-12 10:14 - 2024-09-24 19:56 - 000348976 _____ C:\WINDOWS\system32\ControlLib.dll
2024-12-11 19:14 - 2024-12-11 19:14 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-737299158-121734914-1222051215-1001
2024-12-11 19:14 - 2024-12-11 19:14 - 000002381 _____ C:\Users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-10 15:55 - 2024-12-10 15:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-12-10 15:55 - 2024-12-10 15:55 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-08 15:05 - 2024-12-08 15:05 - 000008621 _____ C:\Users\Vince\Downloads\Event_Manager_Export___1733670321.csv
2024-12-08 14:27 - 2024-12-16 22:14 - 000000000 ____D C:\Users\Vince\AppData\Roaming\substanceconnectoropentcp
2024-12-06 13:44 - 2024-12-06 13:44 - 000026702 _____ C:\Users\Vince\Downloads\hubspot-digest-email-events-basic-recipients-list-mail-3-2024-12-06-1.csv
2024-12-06 11:12 - 2024-12-06 11:12 - 000026724 _____ C:\Users\Vince\Downloads\hubspot-digest-email-events-basic-recipients-list-mail-3-2024-12-06.csv
2024-12-05 15:17 - 2024-12-05 15:17 - 000014579 _____ C:\Users\Vince\Downloads\Dump.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-04 15:43 - 2021-06-03 16:43 - 000000000 ____D C:\Users\Vince\AppData\Roaming\KeePass
2025-01-04 15:32 - 2024-04-15 10:57 - 000000000 ____D C:\Users\Vince\OneDrive\Documents\Outlook Files
2025-01-04 13:53 - 2021-06-07 11:21 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Word
2025-01-04 13:18 - 2022-11-10 14:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-04 12:46 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-04 12:25 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-04 12:25 - 2021-05-19 07:14 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-04 11:43 - 2021-05-19 07:14 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2025-01-04 11:37 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-04 11:31 - 2022-11-10 14:31 - 000850308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-04 11:31 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF
2025-01-04 11:27 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-04 11:27 - 2021-06-03 13:17 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Dropbox
2025-01-04 11:27 - 2021-06-03 13:17 - 000000000 ____D C:\Users\Vince\AppData\Local\Dropbox
2025-01-04 11:27 - 2021-06-03 13:02 - 000000000 ___RD C:\Users\Vince\OneDrive
2025-01-04 11:27 - 2021-06-03 13:00 - 000000000 __SHD C:\Users\Vince\IntelGraphicsProfiles
2025-01-04 11:27 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Local\Packages
2025-01-04 11:27 - 2021-05-19 07:27 - 000000000 ____D C:\ProgramData\Packages
2025-01-04 11:26 - 2022-11-10 14:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-04 11:26 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-04 11:26 - 2022-05-07 05:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-01-04 11:26 - 2021-05-19 07:08 - 000000000 ____D C:\Intel
2025-01-04 11:23 - 2021-06-10 14:15 - 000000000 ____D C:\Users\Vince\AppData\LocalLow\Temp
2025-01-04 11:10 - 2022-11-10 14:20 - 000000000 ____D C:\Users\Vince
2025-01-04 11:10 - 2021-05-19 07:20 - 000000000 ____D C:\ProgramData\Dell
2025-01-04 11:09 - 2021-05-19 07:12 - 000000000 ____D C:\Program Files\Dell
2025-01-04 11:08 - 2024-09-30 09:24 - 015458100 ____N C:\WINDOWS\Minidump\010425-17375-01.dmp
2025-01-04 11:08 - 2024-09-10 07:33 - 000000000 ____D C:\WINDOWS\Minidump
2025-01-04 11:08 - 2022-11-10 14:27 - 000001535 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-04 11:02 - 2024-02-27 10:12 - 000003582 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2025-01-04 10:51 - 2021-06-04 13:02 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Excel
2025-01-03 14:31 - 2024-10-21 11:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-03 14:31 - 2024-10-21 11:10 - 000000000 ____D C:\Program Files\Malwarebytes
2025-01-03 14:31 - 2022-05-07 05:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-01 22:05 - 2021-06-08 21:18 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\PowerPoint
2024-12-31 22:33 - 2021-06-04 13:02 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Office
2024-12-27 12:03 - 2021-05-19 07:12 - 000000000 ____D C:\Program Files (x86)\Dell
2024-12-24 14:20 - 2021-06-03 13:18 - 000000000 ___RD C:\Users\Vince\Dropbox
2024-12-23 17:50 - 2021-06-03 15:02 - 000000000 ____D C:\Program Files\Adobe
2024-12-23 17:49 - 2021-06-03 15:03 - 000000000 ____D C:\ProgramData\Adobe
2024-12-23 17:49 - 2021-06-03 15:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-12-22 09:32 - 2022-11-10 14:29 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-22 09:32 - 2022-11-10 14:29 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-21 15:18 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Local\D3DSCache
2024-12-21 10:17 - 2021-03-18 04:38 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-20 10:05 - 2024-10-12 14:21 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-19 09:43 - 2021-06-03 13:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-12-16 22:14 - 2021-08-10 14:17 - 000000000 ____D C:\Users\Vince\AppData\Local\CrashDumps
2024-12-16 17:51 - 2021-06-13 16:03 - 000001456 _____ C:\Users\Vince\AppData\Local\Adobe Save for Web 13.0 Prefs
2024-12-14 18:48 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-14 18:48 - 2021-03-18 04:40 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-12 22:10 - 2022-11-10 14:27 - 000472936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-12-12 22:09 - 2023-10-11 21:14 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-12-11 19:14 - 2022-11-10 14:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-737299158-121734914-1222051215-1001
2024-12-11 19:10 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-12-11 19:08 - 2022-11-10 14:29 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-12-09 12:09 - 2021-05-19 07:14 - 000000000 ____D C:\ProgramData\Package Cache
2024-12-09 10:59 - 2022-04-14 10:22 - 000000000 ____D C:\Program Files\dotnet
2024-12-08 14:29 - 2021-06-03 15:00 - 000000000 ____D C:\Users\Vince\AppData\Local\Adobe
2024-12-08 13:57 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Adobe
==================== Files in the root of some directories ========
2021-06-13 16:03 - 2024-12-16 17:51 - 000001456 _____ () C:\Users\Vince\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-06-03 19:51 - 2021-06-03 19:51 - 000000000 _____ () C:\Users\Vince\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Vince (04-01-2025 15:45:16)
Running from C:\Users\Vince\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) (2022-11-10 14:29:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-737299158-121734914-1222051215-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-737299158-121734914-1222051215-503 - Limited - Disabled)
Guest (S-1-5-21-737299158-121734914-1222051215-501 - Limited - Disabled)
Vince (S-1-5-21-737299158-121734914-1222051215-1001 - Administrator - Enabled) => C:\Users\Vince
WDAGUtilityAccount (S-1-5-21-737299158-121734914-1222051215-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.48 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_14_1_1) (Version: 14.1.1 - Adobe Inc.)
Adobe Photoshop 2025 (HKLM-x32\...\PHSP_26_2) (Version: 26.2.0.140 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{F1666108-338E-4381-81E5-CDA8652DC8FC}) (Version: 5.3.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{A73D9A16-C22B-4A2C-8D70-AFFDD50E2A72}) (Version: 4.6.3.23467 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{F5391400-4596-46A6-9D3C-9D7647230679}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2b5a1544-c837-4b31-acb8-cb096c96013f}) (Version: 5.5.13.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{D3EFD276-F67A-45CD-B8A3-7CE38B2FF434}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{c7ccf084-ab05-431c-8474-6b66df04f996}) (Version: 5.5.13.0 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{183DEF89-F000-4745-81FD-3B43101D5B9F}) (Version: 5.2.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 214.4.5217 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FileZilla Client 3.58.0 (HKLM-x32\...\FileZilla Client) (Version: 3.58.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
Intel(R) Icls (HKLM\...\{972D3BFC-2285-4E68-B954-D7EDBEDF05CB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{81B9108D-91B3-4E6A-B5A4-28C67EBFC12A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{A47874B5-99CC-4506-B0A0-D5E142FD17A5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{97C59670-D20F-4FF0-AB3D-9F58938D45B9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{F0B4B693-5A70-48F4-B50F-F1E3FB226A82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
KeePass Password Safe 2.57.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.57.1 - Dominik Reichl)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{298D1490-02A6-40D5-B922-4279472C0DED}) (Version: 3.1121.1158 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{7677ECBC-0890-4FDE-A0C5-B3646639B2A7}) (Version: 3.1121.1159 - Rivet Networks)
Malwarebytes version 5.2.4.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.4.157 - Malwarebytes)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
Mindjet MindManager 9 (HKLM-x32\...\{483AEC7E-EA54-4433-B2BF-D75C33D2A488}) (Version: 9.2.504 - Mindjet)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_2_0) (Version: 1.2.0 - Adobe Inc.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.995 - McAfee, LLC)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom Workplace (HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\ZoomUMX) (Version: 6.2.7 (49583) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-10] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-31] (Adobe Systems Incorporated)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-08] (INTEL CORP) [Startup Task]
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.5.5.0_x64__htrsf667h5kn2 [2024-12-10] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.3.0.0_x64__htrsf667h5kn2 [2024-10-30] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.6.2.0_x64__htrsf667h5kn2 [2024-12-27] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.2.64.0_x86__htrsf667h5kn2 [2024-02-24] (Dell Inc)
DellTypeCStatus -> C:\Program Files\WindowsApps\MSWP.DellTypeCStatus_4.2.2629.0_x64__9j0h69dmw0fzc [2022-10-20] (WISTRON CORPORATION) [Startup Task]
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-12-19] (Dropbox Inc.)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2024-10-11] (Meta)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-18] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-12-21] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag [2023-12-14] (INTEL CORP) [Startup Task]
Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.15823.0_x86__mcezb6ze687jp [2024-02-27] (CYBERLINK CORPORATION.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2024-12-31] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-05-31] (Dell Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-24] (NVIDIA Corp.)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-06-03] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-04] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-10-20] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2021-06-03] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2021-06-03] (CYBERLINK CORPORATION.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-01-25] (Adobe Systems Incorporated)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-21] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2024-12-13] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-20] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-20] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Vince\Dropbox [2021-06-03 13:18]
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\nvshext.dll [2024-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 9\Mm8InternetExplorer.dll [2011-02-11] (Mindjet -> Mindjet)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vince\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\razorbills.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Killer(R) Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW) -> Netwtw10.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Killer E2600 Gigabit Ethernet Controller -> e2kw10x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "MMReminderService"
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{394B7412-DDFF-4D28-899A-D7DB8B683659}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{337E6E10-7F7C-42D8-BD18-CBAD2786CE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F92623F-D604-4183-A62E-2E62424F42C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B36A78F7-DA1E-4754-809F-130C3408FEF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BFBDABD-6B11-45FC-B4E9-0CF9BFD876DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7D06DC5-2FEA-4124-92EC-EA4CDDE00470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23F77218-A800-43FA-BC4C-2DE887E6851A}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{01603AD6-01B5-4574-981D-EF6A07708263}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{246606F6-8C4D-4FAD-89B4-A581D0DB0B03}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{377BF4FA-B27B-40CC-8594-7968C7C68B99}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FEE609C-04DD-424A-867D-5CC9CA6B45FC}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{50693F2F-3656-40BD-917F-BA75CF9E7487}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{ECA7C0D8-8CCF-4B50-BC30-A2D2224C6F52}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{335E59BD-B42E-4D78-9ED6-88D646A3FBF4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9EAE8CC-E58F-4B19-B871-092120535F76}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED02CBAB-55D1-4B74-B0CB-AD81D4786C27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F02357F-0D02-4CC0-8F14-2DD17ACBD21C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3ABC88B4-7C53-4C40-9C06-98000960E025}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9835C5CE-506B-4C57-8D01-C3E1A686FD3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{158576C7-C744-41D8-B9FE-98A830A1C44E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{320FC06B-0408-4D51-B46B-437021F87785}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{891591E3-0DE5-4B95-864C-2837C3C4E43A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E101DC44-5852-4339-A19C-1A5631C0DCC4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC728E4-A775-4467-86F5-61FD62C8289B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{26870E72-6FCE-4118-B9DB-B608E5134AF0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B791BD2F-F11F-49AD-821F-702E6FF158E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC0AD1DC-FA13-48E5-9525-7BFB0FF30E01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFE25566-D3E5-4112-A6A0-A9BF23004F4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4EECE57-21AC-40AB-A6F9-FF115D52DE0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40ED935E-E154-40AB-995D-9F05A59DD9A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1EFCE3C-221B-4F1B-A196-DC62183D6F99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4FD955C-0418-4A68-92F2-FFBDE4537BBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDBA7764-A4DF-4B8F-B77A-F8B033560CAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
27-12-2024 13:04:32 Dell SupportAssist OS Recovery Plugin for Dell Update
31-12-2024 12:59:35 Windows Update
04-01-2025 11:06:59 AdwCleaner_BeforeCleaning_04/01/2025_11:06:59
04-01-2025 11:09:49 AdwCleaner_BeforeCleaning_04/01/2025_11:09:49
04-01-2025 11:20:52 Restore Point Created by FRST
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:50 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:26:13 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: Dell.CoreServices.Client.exe, version: 1.5.20.3, time stamp: 0x65a80000
Faulting module name: KERNELBASE.dll, version: 10.0.22621.4541, time stamp: 0x8ca6fab8
Exception code: 0xe0434352
Fault offset: 0x000000000005fb4c
Faulting process id: 0x0x3760
Faulting application start time: 0x0x1db5e9ac1d1ca68
Faulting application path: C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 1422a8e5-0c06-4a74-a3a2-6d0e9654f0ac
Faulting package full name:
Faulting package-relative application ID:
Error: (01/04/2025 11:20:52 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6943b90a-5ff8-4365-ba31-18e83236dea4}
Error: (01/04/2025 11:11:48 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
System errors:
=============
Error: (01/04/2025 11:28:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/04/2025 11:28:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/04/2025 11:26:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (01/04/2025 11:26:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Collector service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Service API service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Windows Defender:
================
Date: 2025-01-03 12:36:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-01-02 12:29:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-01-01 15:17:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-12-31 12:59:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-12-30 12:31:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-02-24 22:17:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.405.529.0;1.405.529.0
Engine Version: 1.1.24010.10
Date: 2024-01-24 22:21:01
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.403.2631.0;1.403.2631.0
Engine Version: 1.1.23110.2
Date: 2023-12-14 22:15:58
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.403.479.0;1.403.479.0
Engine Version: 1.1.23110.2
Date: 2023-09-13 10:13:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.844.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2023-07-09 08:37:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.391.3829.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23050.3
Error code: 0x80072f8f
Error description: A security error occurred
CodeIntegrity:
===============
Date: 2025-01-04 12:28:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi32.dll that did not meet the Microsoft signing level requirements.
Date: 2025-01-04 12:08:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-01-04 11:33:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-01-04 11:29:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c20ce9ae4ce56285\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-01-04 11:27:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Dropbox\Client\214.4.5217\vulkan-1.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.10.0 09/14/2022
Motherboard: Dell Inc. 0427JK
Processor: 11th Gen Intel(R) Core(TM) i7-11700K @ 3.60GHz
Percentage of memory in use: 48%
Total physical RAM: 15985.25 MB
Available physical RAM: 8236.52 MB
Total Virtual: 18161.25 MB
Available Virtual: 8231.18 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:931.36 GB) (Free:737.69 GB) (Model: NVMe Micron 2300 NVMe 1024GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1330.67 GB) (Model: ST2000DM008-2FR102) NTFS
Drive f: (DATA Mirror) (Fixed) (Total:1863.01 GB) (Free:520.42 GB) (Model: ST2000DL001-9VT156) NTFS
\\?\Volume{c4b27e7d-70c8-4006-91db-60df3a2c3fe4}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.13 GB) NTFS
\\?\Volume{4f64e8f2-ccce-4436-a3b9-506c2f826af0}\ (Image) (Fixed) (Total:19.84 GB) (Free:0.15 GB) NTFS
\\?\Volume{bbdbb0ba-8242-4263-8488-72fc6a0fae5f}\ (DELLSUPPORT) (Fixed) (Total:1.41 GB) (Free:0.36 GB) NTFS
\\?\Volume{db1394aa-2ac1-499f-bfa9-cd8d75abd2aa}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8D1D7866)
Partition: GPT.
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 454C59B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 953.9 GB) (Disk ID: 8D1D7887)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Vince (administrator) on DESKTOP-VJUNE20 (Dell Inc. XPS 8940) (04-01-2025 15:44:20)
Running from C:\Users\Vince\OneDrive\Desktop\FRST64.exe
Loaded Profiles: Vince
Platform: Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxEMN.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e10111c1ac1fb484\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_b403dc0201a474ed\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cde08185192dc86d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c20ce9ae4ce56285\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_45da76e5d6aa50af\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSysSvc64.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vince\AppData\Local\Microsoft\OneDrive\24.226.1110.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe [1649504 2023-03-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe [5083736 2023-02-22] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3297664 2024-10-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9237896 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 9\MMReminderService.exe [38240 2011-02-11] (Mindjet -> Mindjet)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-11] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\Run: [MicrosoftEdgeAutoLaunch_4AFAF161DF58B152F72919B1ECF6E7B4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {D54C57C9-101E-4A13-970C-592A308CAD6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {168712E5-0CC0-4226-B1E9-7E80DF0C6AE1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {42669BC1-C69E-4E97-835E-10936A340EC4} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4455336 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {09467FFE-8F25-41A5-97F2-4F9B01FF33E3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B2186F2C-9A35-423E-B75F-594587C6EECA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29CEE9C9-FDA8-459E-9F21-4B3AF7D4DD06} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46036F2A-CE35-4BF1-A445-52E58C8CE597} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {504044B1-CB3D-4D84-B3BE-BC73CA579589} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-18] (HP Inc. -> HP Inc.)
Task: {52D7DA99-F4F7-45EC-9582-A0A1483D0E60} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-18] (HP Inc. -> HP Inc.)
Task: {AC9179C7-D719-47E3-B13F-C9266A5D8ED2} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2024-12-05] (Adobe Inc. -> Adobe Inc.)
Task: {F37D447C-6DC5-41B0-9D4E-18A8032A9056} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {60723F4D-DE3F-4174-ADDF-516B51BF2C27} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {305F5298-4DAD-4086-9B77-9305989298C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EAFEC4D-AE96-465D-A673-328704A7545E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {491CC548-3BCD-4911-8BDC-2908FAC3FE1C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A974AA07-5270-4510-8EC4-51AE1533FA1A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A0F15CA-A86E-4720-84C3-F2EF4E6E69F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98919F02-9F42-4B1F-9BCF-3061F6DDF56D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E02A3177-D979-4120-9182-D5DE8AB21895} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60A56495-3691-4903-88ED-B3E4050534AB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4E90CC5D-CF17-4948-AD96-C784AFDF8BD9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A9B10345-1612-4905-9E3A-1CBF71F8C404} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F183FCDC-C973-46CB-BB45-F394A4846C17} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B8D0C825-DC85-406D-9E64-C1901C40A293} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {277DA4AD-6FB1-43F9-AC99-51BB0FBFAB91} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3203ECFA-174E-4350-BD31-7B02CDED5E44} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81135FBA-1469-4E35-8E9B-43DC9B2B83EA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DDC3A034-BD2A-4039-AB3E-B7B66B2F1766} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97BF9D2D-2E71-4E13-9880-BC701E03C8D0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {006318A0-D8A2-467C-B6F5-CA5908F953F4} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-737299158-121734914-1222051215-1001 => C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2024-11-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{294cba98-ee38-4b44-aeac-fc55fed279c7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{294cba98-ee38-4b44-aeac-fc55fed279c7}: [DhcpDomain] Home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-04]
Edge HomePage: Default -> hxxps://
Edge StartupUrls: Default -> "hxxps://"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-10-23]
Edge Extension: (Google Docs Offline) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Vince\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default [2025-01-04]
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "","hxxps://google.com/"
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
CHR Extension: (Karoo Route Grab) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgakapefkckdimkoglpoooaamfpfhld [2023-07-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-10-24]
CHR Extension: (Norton Safe) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-03]
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-01-04]
CHR DefaultSearchURL: Guest Profile -> hxxps://www.query-redir.com/r.html?q={searchTerms}&guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=addresbar&g=925&t=100&brw=c
CHR DefaultSearchKeyword: Guest Profile -> www.query-redir.com
CHR DefaultNewTabURL: Guest Profile -> hxxps://www.query-redir.com/index.html?guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=newtab&g=925&t=100&brw=c
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-01-04]
CHR HomePage: Profile 1 -> hxxps://
CHR StartupUrls: Profile 1 -> "hxxps://"
CHR DefaultSearchURL: Profile 1 -> hxxps://www.query-redir.com/r.html?q={searchTerms}&guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=addresbar&g=925&t=100&brw=c&legacy=aHR0cHM6Ly9zZWFyY2gtZ3JlYXQuY29tL3NlYXJjaD9zdWJpZD0xMTExOSZ1PTc5Y2NkZWVlZTYxNTc5NWUmY2hhbm5lbD1kZWZhdWx0JmtleXdvcmQ9JXM=
CHR DefaultSearchKeyword: Profile 1 -> www.query-redir.com
CHR DefaultNewTabURL: Profile 1 -> hxxps://www.query-redir.com/index.html?guid=3b2ce94fdb3c20dbb322f7f8d1faedb147d11eaf&version=90&ti=1728499803&path=newtab&g=925&t=100&brw=c&legacy=aHR0cHM6Ly9ocC1zZWFyY2guY29tLz9wYXRoPWNocm9tZS9uZXd0YWImdT03OWNjZGVlZWU2MTU3OTVlJnN1YmlkPTExMTE5JmNoYW5uZWw9ZGVmYXVsdA==
CHR Extension: (Slides) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-20]
CHR Extension: (Sheets) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-20]
CHR Extension: (Google Docs Offline) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-20]
CHR Extension: (Chrome Media Router) - C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-20]
CHR Profile: C:\Users\Vince\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-11] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [460176 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [154512 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [482704 2024-07-15] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59632 2024-10-29] (Dell Inc. -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [154544 2024-11-14] (Dell Technologies Inc. -> Dell)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\214.4.5217\DropboxElevationService.exe [1659280 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-18] (HP Inc. -> HP Inc.)
R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-07-13] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-07-13] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-11] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 SupportAssistAgent; "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [149864 2020-06-18] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [44472 2024-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-07-13] (Intel Corporation -> Rivet Networks, LLC.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl9be86aa3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D8431D8-831F-4C19-9FFA-674A93B4E066}\MpKslDrv.sys [267552 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld0c45c0e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D8431D8-831F-4C19-9FFA-674A93B4E066}\MpKslDrv.sys [267552 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-04 15:44 - 2025-01-04 15:44 - 002403840 _____ (Farbar) C:\Users\Vince\OneDrive\Desktop\FRST64.exe
2025-01-04 15:44 - 2025-01-04 15:44 - 000000000 ___RD C:\Users\Vince\OneDrive\Desktop\FRST-OlderVersion
2025-01-04 11:20 - 2025-01-04 11:25 - 000011501 _____ C:\Users\Vince\OneDrive\Desktop\Fixlog.txt
2025-01-04 11:08 - 2025-01-04 11:26 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-04 11:04 - 2025-01-04 11:04 - 008790880 _____ (Malwarebytes) C:\Users\Vince\OneDrive\Desktop\adwcleaner.exe
2025-01-03 14:45 - 2025-01-03 14:46 - 000049291 _____ C:\Users\Vince\OneDrive\Desktop\Addition.txt
2025-01-03 14:43 - 2025-01-04 15:44 - 000034591 _____ C:\Users\Vince\OneDrive\Desktop\FRST.txt
2025-01-03 14:42 - 2025-01-04 15:44 - 000000000 ____D C:\FRST
2025-01-03 14:32 - 2025-01-04 15:42 - 000000000 ____D C:\Users\Vince\AppData\Local\Malwarebytes
2025-01-03 14:32 - 2025-01-03 14:32 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-02 10:09 - 2025-01-02 10:10 - 000000000 ___RD C:\Users\Vince\OneDrive\Documents\My Data Sources
2024-12-23 17:50 - 2024-12-23 17:50 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2024-12-23 17:49 - 2024-12-23 17:49 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2025.lnk
2024-12-23 17:46 - 2024-12-23 17:50 - 000000000 ___HD C:\adobeTemp
2024-12-21 19:03 - 2024-12-21 19:03 - 000084992 _____ C:\Users\Vince\Downloads\MASTERLIST April 2024 - March 2025 (Newest).xlsx
2024-12-19 09:42 - 2024-12-19 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-12-17 11:55 - 2024-12-17 11:55 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-12-16 11:08 - 2024-12-16 11:08 - 000016587 _____ C:\Users\Vince\Downloads\Booking System Upload Data Sheet Dec 24.xlsx
2024-12-14 18:47 - 2024-12-14 18:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-14 11:18 - 2024-12-14 11:18 - 000009549 _____ C:\Users\Vince\Downloads\family 1 response.xlsx
2024-12-13 13:23 - 2024-12-13 13:23 - 001364521 _____ C:\Users\Vince\Downloads\PatientRegistrationForm13-12-24 09-41.pdf
2024-12-13 10:32 - 2024-12-13 10:32 - 000002264 _____ C:\Users\Vince\AppData\LocalLow\c6fd0b40e3699e455c033fee715597271d5deb4392f8f1def83e8f83d8fc53ab
2024-12-12 22:08 - 2024-12-12 22:08 - 000029533 _____ C:\Users\Vince\Downloads\DutyManMembers_241208.csv
2024-12-12 16:56 - 2024-12-12 16:56 - 000002333 _____ C:\Users\Vince\Downloads\list-2912197.csv
2024-12-12 14:30 - 2024-12-12 14:30 - 000000000 ____D C:\Users\Vince\AppData\Local\NEO
2024-12-12 11:14 - 2024-12-12 11:14 - 000002298 _____ C:\Users\Vince\Downloads\sample-import.csv
2024-12-12 11:13 - 2024-12-12 11:13 - 000000509 _____ C:\Users\Vince\Downloads\sample-import (1).csv
2024-12-12 10:14 - 2024-09-24 20:00 - 000786928 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2024-12-12 10:14 - 2024-09-24 20:00 - 000671656 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000982280 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000740872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000624768 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2024-12-12 10:14 - 2024-09-24 19:59 - 000483912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2024-12-12 10:14 - 2024-09-24 19:58 - 000623400 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 027987008 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 020710928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 002041968 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000798272 _____ C:\WINDOWS\system32\ze_loader.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000563560 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000430144 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2024-12-12 10:14 - 2024-09-24 19:57 - 000290280 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2024-12-12 10:14 - 2024-09-24 19:56 - 000348976 _____ C:\WINDOWS\system32\ControlLib.dll
2024-12-11 19:14 - 2024-12-11 19:14 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-737299158-121734914-1222051215-1001
2024-12-11 19:14 - 2024-12-11 19:14 - 000002381 _____ C:\Users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-10 15:55 - 2024-12-10 15:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-12-10 15:55 - 2024-12-10 15:55 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-08 15:05 - 2024-12-08 15:05 - 000008621 _____ C:\Users\Vince\Downloads\Event_Manager_Export___1733670321.csv
2024-12-08 14:27 - 2024-12-16 22:14 - 000000000 ____D C:\Users\Vince\AppData\Roaming\substanceconnectoropentcp
2024-12-06 13:44 - 2024-12-06 13:44 - 000026702 _____ C:\Users\Vince\Downloads\hubspot-digest-email-events-basic-recipients-list-mail-3-2024-12-06-1.csv
2024-12-06 11:12 - 2024-12-06 11:12 - 000026724 _____ C:\Users\Vince\Downloads\hubspot-digest-email-events-basic-recipients-list-mail-3-2024-12-06.csv
2024-12-05 15:17 - 2024-12-05 15:17 - 000014579 _____ C:\Users\Vince\Downloads\Dump.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-04 15:43 - 2021-06-03 16:43 - 000000000 ____D C:\Users\Vince\AppData\Roaming\KeePass
2025-01-04 15:32 - 2024-04-15 10:57 - 000000000 ____D C:\Users\Vince\OneDrive\Documents\Outlook Files
2025-01-04 13:53 - 2021-06-07 11:21 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Word
2025-01-04 13:18 - 2022-11-10 14:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-04 12:46 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-04 12:25 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-04 12:25 - 2021-05-19 07:14 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-04 11:43 - 2021-05-19 07:14 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2025-01-04 11:37 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-04 11:31 - 2022-11-10 14:31 - 000850308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-04 11:31 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF
2025-01-04 11:27 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-04 11:27 - 2021-06-03 13:17 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Dropbox
2025-01-04 11:27 - 2021-06-03 13:17 - 000000000 ____D C:\Users\Vince\AppData\Local\Dropbox
2025-01-04 11:27 - 2021-06-03 13:02 - 000000000 ___RD C:\Users\Vince\OneDrive
2025-01-04 11:27 - 2021-06-03 13:00 - 000000000 __SHD C:\Users\Vince\IntelGraphicsProfiles
2025-01-04 11:27 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Local\Packages
2025-01-04 11:27 - 2021-05-19 07:27 - 000000000 ____D C:\ProgramData\Packages
2025-01-04 11:26 - 2022-11-10 14:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-04 11:26 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-04 11:26 - 2022-05-07 05:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-01-04 11:26 - 2021-05-19 07:08 - 000000000 ____D C:\Intel
2025-01-04 11:23 - 2021-06-10 14:15 - 000000000 ____D C:\Users\Vince\AppData\LocalLow\Temp
2025-01-04 11:10 - 2022-11-10 14:20 - 000000000 ____D C:\Users\Vince
2025-01-04 11:10 - 2021-05-19 07:20 - 000000000 ____D C:\ProgramData\Dell
2025-01-04 11:09 - 2021-05-19 07:12 - 000000000 ____D C:\Program Files\Dell
2025-01-04 11:08 - 2024-09-30 09:24 - 015458100 ____N C:\WINDOWS\Minidump\010425-17375-01.dmp
2025-01-04 11:08 - 2024-09-10 07:33 - 000000000 ____D C:\WINDOWS\Minidump
2025-01-04 11:08 - 2022-11-10 14:27 - 000001535 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-04 11:02 - 2024-02-27 10:12 - 000003582 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2025-01-04 10:51 - 2021-06-04 13:02 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Excel
2025-01-03 14:31 - 2024-10-21 11:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-03 14:31 - 2024-10-21 11:10 - 000000000 ____D C:\Program Files\Malwarebytes
2025-01-03 14:31 - 2022-05-07 05:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-01 22:05 - 2021-06-08 21:18 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\PowerPoint
2024-12-31 22:33 - 2021-06-04 13:02 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Microsoft\Office
2024-12-27 12:03 - 2021-05-19 07:12 - 000000000 ____D C:\Program Files (x86)\Dell
2024-12-24 14:20 - 2021-06-03 13:18 - 000000000 ___RD C:\Users\Vince\Dropbox
2024-12-23 17:50 - 2021-06-03 15:02 - 000000000 ____D C:\Program Files\Adobe
2024-12-23 17:49 - 2021-06-03 15:03 - 000000000 ____D C:\ProgramData\Adobe
2024-12-23 17:49 - 2021-06-03 15:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-12-22 09:32 - 2022-11-10 14:29 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-22 09:32 - 2022-11-10 14:29 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-21 15:18 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Local\D3DSCache
2024-12-21 10:17 - 2021-03-18 04:38 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-20 10:05 - 2024-10-12 14:21 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-19 09:43 - 2021-06-03 13:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-12-16 22:14 - 2021-08-10 14:17 - 000000000 ____D C:\Users\Vince\AppData\Local\CrashDumps
2024-12-16 17:51 - 2021-06-13 16:03 - 000001456 _____ C:\Users\Vince\AppData\Local\Adobe Save for Web 13.0 Prefs
2024-12-14 18:48 - 2022-05-07 05:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-14 18:48 - 2021-03-18 04:40 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-12 22:10 - 2022-11-10 14:27 - 000472936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-12-12 22:09 - 2023-10-11 21:14 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-12-12 22:09 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-12-11 19:14 - 2022-11-10 14:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-737299158-121734914-1222051215-1001
2024-12-11 19:10 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-12-11 19:08 - 2022-11-10 14:29 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-12-09 12:09 - 2021-05-19 07:14 - 000000000 ____D C:\ProgramData\Package Cache
2024-12-09 10:59 - 2022-04-14 10:22 - 000000000 ____D C:\Program Files\dotnet
2024-12-08 14:29 - 2021-06-03 15:00 - 000000000 ____D C:\Users\Vince\AppData\Local\Adobe
2024-12-08 13:57 - 2021-06-03 13:00 - 000000000 ____D C:\Users\Vince\AppData\Roaming\Adobe
==================== Files in the root of some directories ========
2021-06-13 16:03 - 2024-12-16 17:51 - 000001456 _____ () C:\Users\Vince\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-06-03 19:51 - 2021-06-03 19:51 - 000000000 _____ () C:\Users\Vince\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Vince (04-01-2025 15:45:16)
Running from C:\Users\Vince\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) (2022-11-10 14:29:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-737299158-121734914-1222051215-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-737299158-121734914-1222051215-503 - Limited - Disabled)
Guest (S-1-5-21-737299158-121734914-1222051215-501 - Limited - Disabled)
Vince (S-1-5-21-737299158-121734914-1222051215-1001 - Administrator - Enabled) => C:\Users\Vince
WDAGUtilityAccount (S-1-5-21-737299158-121734914-1222051215-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.48 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_14_1_1) (Version: 14.1.1 - Adobe Inc.)
Adobe Photoshop 2025 (HKLM-x32\...\PHSP_26_2) (Version: 26.2.0.140 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{F1666108-338E-4381-81E5-CDA8652DC8FC}) (Version: 5.3.0.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{A73D9A16-C22B-4A2C-8D70-AFFDD50E2A72}) (Version: 4.6.3.23467 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{F5391400-4596-46A6-9D3C-9D7647230679}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2b5a1544-c837-4b31-acb8-cb096c96013f}) (Version: 5.5.13.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{D3EFD276-F67A-45CD-B8A3-7CE38B2FF434}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{c7ccf084-ab05-431c-8474-6b66df04f996}) (Version: 5.5.13.0 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{183DEF89-F000-4745-81FD-3B43101D5B9F}) (Version: 5.2.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 214.4.5217 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FileZilla Client 3.58.0 (HKLM-x32\...\FileZilla Client) (Version: 3.58.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
Intel(R) Icls (HKLM\...\{972D3BFC-2285-4E68-B954-D7EDBEDF05CB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{81B9108D-91B3-4E6A-B5A4-28C67EBFC12A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{A47874B5-99CC-4506-B0A0-D5E142FD17A5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{97C59670-D20F-4FF0-AB3D-9F58938D45B9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{F0B4B693-5A70-48F4-B50F-F1E3FB226A82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
KeePass Password Safe 2.57.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.57.1 - Dominik Reichl)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{298D1490-02A6-40D5-B922-4279472C0DED}) (Version: 3.1121.1158 - Rivet Networks)
Killer Wireless Driver UWD (HKLM\...\{7677ECBC-0890-4FDE-A0C5-B3646639B2A7}) (Version: 3.1121.1159 - Rivet Networks)
Malwarebytes version 5.2.4.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.4.157 - Malwarebytes)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
Mindjet MindManager 9 (HKLM-x32\...\{483AEC7E-EA54-4433-B2BF-D75C33D2A488}) (Version: 9.2.504 - Mindjet)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_2_0) (Version: 1.2.0 - Adobe Inc.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.995 - McAfee, LLC)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom Workplace (HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\ZoomUMX) (Version: 6.2.7 (49583) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-10] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-31] (Adobe Systems Incorporated)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-08] (INTEL CORP) [Startup Task]
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.5.5.0_x64__htrsf667h5kn2 [2024-12-10] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.3.0.0_x64__htrsf667h5kn2 [2024-10-30] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.6.2.0_x64__htrsf667h5kn2 [2024-12-27] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.2.64.0_x86__htrsf667h5kn2 [2024-02-24] (Dell Inc)
DellTypeCStatus -> C:\Program Files\WindowsApps\MSWP.DellTypeCStatus_4.2.2629.0_x64__9j0h69dmw0fzc [2022-10-20] (WISTRON CORPORATION) [Startup Task]
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-12-19] (Dropbox Inc.)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2024-10-11] (Meta)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-18] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-12-21] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag [2023-12-14] (INTEL CORP) [Startup Task]
Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.15823.0_x86__mcezb6ze687jp [2024-02-27] (CYBERLINK CORPORATION.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2024-12-31] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-05-31] (Dell Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-24] (NVIDIA Corp.)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-06-03] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-04] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-10-20] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2021-06-03] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2021-06-03] (CYBERLINK CORPORATION.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-01-25] (Adobe Systems Incorporated)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-21] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2024-12-13] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-20] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-20] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_c6bfc5767fc0181c\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Vince\Dropbox [2021-06-03 13:18]
CustomCLSID: HKU\S-1-5-21-737299158-121734914-1222051215-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.77.0.dll [2024-10-29] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_ae9e06a36785768d\nvshext.dll [2024-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-24] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-03] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 9\Mm8InternetExplorer.dll [2011-02-11] (Mindjet -> Mindjet)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 09:14 - 2019-12-07 09:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-737299158-121734914-1222051215-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vince\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\razorbills.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Killer(R) Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW) -> Netwtw10.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Killer E2600 Gigabit Ethernet Controller -> e2kw10x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "MMReminderService"
HKU\S-1-5-21-737299158-121734914-1222051215-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{394B7412-DDFF-4D28-899A-D7DB8B683659}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{337E6E10-7F7C-42D8-BD18-CBAD2786CE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F92623F-D604-4183-A62E-2E62424F42C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B36A78F7-DA1E-4754-809F-130C3408FEF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BFBDABD-6B11-45FC-B4E9-0CF9BFD876DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7D06DC5-2FEA-4124-92EC-EA4CDDE00470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23F77218-A800-43FA-BC4C-2DE887E6851A}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{01603AD6-01B5-4574-981D-EF6A07708263}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{246606F6-8C4D-4FAD-89B4-A581D0DB0B03}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{377BF4FA-B27B-40CC-8594-7968C7C68B99}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FEE609C-04DD-424A-867D-5CC9CA6B45FC}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{50693F2F-3656-40BD-917F-BA75CF9E7487}] => (Allow) C:\Users\Vince\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{ECA7C0D8-8CCF-4B50-BC30-A2D2224C6F52}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{335E59BD-B42E-4D78-9ED6-88D646A3FBF4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9EAE8CC-E58F-4B19-B871-092120535F76}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED02CBAB-55D1-4B74-B0CB-AD81D4786C27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F02357F-0D02-4CC0-8F14-2DD17ACBD21C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3ABC88B4-7C53-4C40-9C06-98000960E025}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9835C5CE-506B-4C57-8D01-C3E1A686FD3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{158576C7-C744-41D8-B9FE-98A830A1C44E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{320FC06B-0408-4D51-B46B-437021F87785}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{891591E3-0DE5-4B95-864C-2837C3C4E43A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E101DC44-5852-4339-A19C-1A5631C0DCC4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC728E4-A775-4467-86F5-61FD62C8289B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{26870E72-6FCE-4118-B9DB-B608E5134AF0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B791BD2F-F11F-49AD-821F-702E6FF158E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC0AD1DC-FA13-48E5-9525-7BFB0FF30E01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFE25566-D3E5-4112-A6A0-A9BF23004F4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4EECE57-21AC-40AB-A6F9-FF115D52DE0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40ED935E-E154-40AB-995D-9F05A59DD9A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1EFCE3C-221B-4F1B-A196-DC62183D6F99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4FD955C-0418-4A68-92F2-FFBDE4537BBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDBA7764-A4DF-4B8F-B77A-F8B033560CAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
27-12-2024 13:04:32 Dell SupportAssist OS Recovery Plugin for Dell Update
31-12-2024 12:59:35 Windows Update
04-01-2025 11:06:59 AdwCleaner_BeforeCleaning_04/01/2025_11:06:59
04-01-2025 11:09:49 AdwCleaner_BeforeCleaning_04/01/2025_11:09:49
04-01-2025 11:20:52 Restore Point Created by FRST
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:27:50 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/04/2025 11:26:13 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: Dell.CoreServices.Client.exe, version: 1.5.20.3, time stamp: 0x65a80000
Faulting module name: KERNELBASE.dll, version: 10.0.22621.4541, time stamp: 0x8ca6fab8
Exception code: 0xe0434352
Fault offset: 0x000000000005fb4c
Faulting process id: 0x0x3760
Faulting application start time: 0x0x1db5e9ac1d1ca68
Faulting application path: C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 1422a8e5-0c06-4a74-a3a2-6d0e9654f0ac
Faulting package full name:
Faulting package-relative application ID:
Error: (01/04/2025 11:20:52 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6943b90a-5ff8-4365-ba31-18e83236dea4}
Error: (01/04/2025 11:11:48 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
System errors:
=============
Error: (01/04/2025 11:28:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/04/2025 11:28:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/04/2025 11:26:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (01/04/2025 11:26:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Collector service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Service API service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (01/04/2025 11:21:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Windows Defender:
================
Date: 2025-01-03 12:36:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-01-02 12:29:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-01-01 15:17:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-12-31 12:59:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-12-30 12:31:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-02-24 22:17:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.405.529.0;1.405.529.0
Engine Version: 1.1.24010.10
Date: 2024-01-24 22:21:01
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.403.2631.0;1.403.2631.0
Engine Version: 1.1.23110.2
Date: 2023-12-14 22:15:58
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.403.479.0;1.403.479.0
Engine Version: 1.1.23110.2
Date: 2023-09-13 10:13:17
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.844.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2023-07-09 08:37:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.391.3829.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23050.3
Error code: 0x80072f8f
Error description: A security error occurred
CodeIntegrity:
===============
Date: 2025-01-04 12:28:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi32.dll that did not meet the Microsoft signing level requirements.
Date: 2025-01-04 12:08:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-01-04 11:33:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-01-04 11:29:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c20ce9ae4ce56285\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-01-04 11:27:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Dropbox\Client\214.4.5217\vulkan-1.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.10.0 09/14/2022
Motherboard: Dell Inc. 0427JK
Processor: 11th Gen Intel(R) Core(TM) i7-11700K @ 3.60GHz
Percentage of memory in use: 48%
Total physical RAM: 15985.25 MB
Available physical RAM: 8236.52 MB
Total Virtual: 18161.25 MB
Available Virtual: 8231.18 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:931.36 GB) (Free:737.69 GB) (Model: NVMe Micron 2300 NVMe 1024GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1330.67 GB) (Model: ST2000DM008-2FR102) NTFS
Drive f: (DATA Mirror) (Fixed) (Total:1863.01 GB) (Free:520.42 GB) (Model: ST2000DL001-9VT156) NTFS
\\?\Volume{c4b27e7d-70c8-4006-91db-60df3a2c3fe4}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.13 GB) NTFS
\\?\Volume{4f64e8f2-ccce-4436-a3b9-506c2f826af0}\ (Image) (Fixed) (Total:19.84 GB) (Free:0.15 GB) NTFS
\\?\Volume{bbdbb0ba-8242-4263-8488-72fc6a0fae5f}\ (DELLSUPPORT) (Fixed) (Total:1.41 GB) (Free:0.36 GB) NTFS
\\?\Volume{db1394aa-2ac1-499f-bfa9-cd8d75abd2aa}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8D1D7866)
Partition: GPT.
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 454C59B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 953.9 GB) (Disk ID: 8D1D7887)
Partition: GPT.
==================== End of Addition.txt =======================
- Mar 9, 2017
- 636
Uninstall WebAdvisor by McAfee using the following instruction:
https://www.mcafee.com/support/s/article/000001616?language=en_US
or
Тhe reason is..:
When McAfee WebAdvisor updates, it verifies whether your web browser’s default search engine is set and powered to Secure Search by Yahoo. If your browser uses a different search engine, like Google, McAfee WebAdvisor changes it to the Yahoo search engine if you’ve enabled Secure Search.
In your next reply, please include:
https://www.mcafee.com/support/s/article/000001616?language=en_US
or
- Download the Revo Uninstaller Free and save it on your Desktop.
- Double click on the exe file created on your Desktop to run the installer, and follow the instructions to install the program.
- Double click the program's icon to open it.
- Write in the search area, on the top left, the following program:
Code:
WebAdvisor by McAfee- Choose the Uninstall tab from the menu and let the program to create a Restore point.
- Choose Scan, and then the Advanced mode scan.
- Select all the Online Services items found, Delete and Next.
- Let the procedure be completed and click on Finish.
- Restart the computer.
Тhe reason is..:
When McAfee WebAdvisor updates, it verifies whether your web browser’s default search engine is set and powered to Secure Search by Yahoo. If your browser uses a different search engine, like Google, McAfee WebAdvisor changes it to the Yahoo search engine if you’ve enabled Secure Search.
- Right click on FRST and select Run as administrator
- Copy/paste the following in the Search: box
Code:
Searchall: McAfee,McAfee WebAdvisor- Click Search Files button
- When completed click OK and a Search.txt document will open on your desktop
- Аttach the report in your reply. If the file is too large zip and upload it here.
In your next reply, please include:
- Search report
- Jan 3, 2025
- 17
I've uninstalled it and run the search - result below. Yahoo still shows, but presumably I need to reset / reboot?
Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Vince (04-01-2025 16:50:16)
Running from C:\Users\Vince\OneDrive\Desktop
Boot Mode: Normal
================== Search Files: "Searchall: McAfee,McAfee WebAdvisor" =============
File:
========
Folder:
========
Registry:
========
====== End of Search ======
Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Vince (04-01-2025 16:50:16)
Running from C:\Users\Vince\OneDrive\Desktop
Boot Mode: Normal
================== Search Files: "Searchall: McAfee,McAfee WebAdvisor" =============
File:
========
Folder:
========
Registry:
========
====== End of Search ======
- Mar 9, 2017
- 636
- Mar 9, 2017
- 636
Next ....:
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
In your next reply, please include:
Farbar Recovery Scan Tool - Fix
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone
Please download the attached file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
- Right click on FRST and select Run as administrator
- Copy/paste the following in the Search: box
Code:
Searchall:McAfee;McAfee WebAdvisor- Click Search Files button
- When completed click OK and a Search.txt document will open on your desktop
- Аttach the report in your reply. If the file is too large zip and upload it here.
In your next reply, please include:
- Fixlog.txt
- Search report
Last edited:
- Mar 9, 2017
- 636
The following will remove the tools we used as well as reset system restore points:
KpRm by Kernel-panik
Due to lack of activity, this topic is now closed. You requested help but did not respond to follow-up questions or instructions within three days and your topic has been moved here.
If you still need help, open a new topic, and wait for a new helper.
KpRm by Kernel-panik
- Download KpRm and save it to your Desktop (see here if you must use Chrome)
- Note: If the file is detected as malware it is not and it is safe to download. The detection is a false positive.
- Right click on the icon and select Run as administrator
- Click Yes on the Disclaimer
- Place a check mark in Delete Tools, Create Restore Point, and Delete in 7 days
- Click Run
- Click OK on All operations are completed
- KpRm will delete itself from you Desktop and you can either save or remove the report that is generated
- You are free to remove any other tools/reports still remaining
- Please copy and paste its contents in your next reply.
Due to lack of activity, this topic is now closed. You requested help but did not respond to follow-up questions or instructions within three days and your topic has been moved here.
If you still need help, open a new topic, and wait for a new helper.
- Status
Similar threads
- Locked
