Lagging performance & Excessive Buffering [Solved]



#1
Triskelion


As of late, it seems that I've had some issues, especially with buffering and jitteriness of media files, and it is VERY noticeable in Facebook.

Normally I am the only user, but I have let my kid use my laptop to prep for school and research universities... He's a bit of a gamer so I don't know if he messed with some settings.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by butle (administrator) on JSBUTLER (HP HP Laptop 15-fd0xxx) (22-01-2025 22:56:47)
Running from C:\Users\butle\OneDrive\Desktop\FRST64.exe
Loaded Profiles: butle
Platform: Microsoft Windows 11 Home Version 24H2 26100.2894 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\ai.exe
(C:\Program Files\Norton\Suite\NortonSvc.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswEngSrv.exe
(C:\Program Files\Norton\Suite\VpnSvc.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\WireGuard\wireguardtun.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe <7>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\BridgeCommunication.exe <24>
(DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <25>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonUI.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe <2>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8660e4d6e8832471\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_64dc54263337697d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_f1ee27a36959d31b\AS\IAS\IntelAudioService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\afwServ.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\AvDump.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\nllToolsSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\VpnSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\aswidsagent.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\wsc_proxy.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e267cb29cfb4eaa6\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.21.11061.0_x64__8wekyb3d8bbwe\Solitaire.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e267cb29cfb4eaa6\RtkAudUService64.exe [2377704 2024-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NortonUI.exe] => C:\Program Files\Norton\Suite\AvLaunch.exe [429160 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\Installer\setup.exe [6871608 2025-01-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [MicrosoftEdgeAutoLaunch_90A1141CF9F6BC9FF7F1F056C715D384] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [utweb] => "C:\Users\butle\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\butle\AppData\Local\Programs\Canva\Canva.exe [186736848 2024-12-24] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\RunOnce: [zoommsirepair] => C:\Program Files\Zoom\bin\installer.exe [1099064 2025-01-15] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.110\Installer\chrmstp.exe [2025-01-22] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * nllBoot.exe /A:"C:" /A:"* STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\Norton\Suite"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06F7D64E-D7FC-4B23-9DB2-0200C82FD9E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {E6E01960-1464-4270-9F21-86F0888690AB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{9B0F0436-7D30-481B-81E9-F64B00065408} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {504A0168-98E6-4BF4-AD75-9A1DBB8CEF67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {1F3BB440-2F81-4409-9E4E-BFA2A30DC1CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {735B0245-AD62-4D51-8DA9-287E6C934913} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {DD3CB623-794A-4FC1-A395-8E4606DB0365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {CBE8E904-265C-429A-8793-2F96B24B8047} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN889C61SP => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {E4650971-6B69-44FB-AEFD-256F3D5D8FBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {3D15A1E2-04F9-424C-A375-921671C30A91} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-12-15] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {9DC6D36A-958D-4FBF-AC06-A1759C70FF87} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-21] (HP Inc. -> HP Inc.)
Task: {F0F1AD01-638E-49CA-A99B-00D9DD530431} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-21] (HP Inc. -> HP Inc.)
Task: {4E7981C2-65C9-44E5-95BA-240CF5358294} - System32\Tasks\HP\HP PSDr\HP PSDr Printer Health Monitor => C:\Program Files (x86)\HP\HP Support Framework\Modules\PSDR\HPPSDrPrinterHealthMonitor.exe [67592 2024-12-17] (HP Inc. -> HP Inc.)
Task: {5A7D5531-0206-4F3F-B37F-BFF1D67E637B} - System32\Tasks\HP\HP Support Assistant\sp150974.exe => C:\ProgramData\HP\HP Support Framework\Softpaq\14828\sp150974.exe [59530112 2024-02-28] (HP Inc. -> HP Inc.) -> C:\ProgramData\HP\HP Support Framework\Softpaq\14828\/s /e cmd.exe /a /c ""setup.exe" /L1033 /s /v/qn"
Task: {1CC1E484-1952-4C4A-826D-E2836681F0FD} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3500B34D-E5D7-460B-A400-DBE592E15CCC} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7513767F-0FA8-44E4-8770-1456C374D61E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F1FDF63-22D9-4576-B5CC-F30CEAFDEAD8} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [67248 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EE91301-EDFB-4D24-9BB6-7507CC14D1BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {862D9348-C11C-45CB-B4CA-6E0D5E5422D8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAE10835-D816-49CC-A143-4ACCC81C6461} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C76F254F-1D2C-4AE0-BDE3-3E2F3CEF63D5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {E7FB2588-70EE-4466-96BC-21C879B71107} - System32\Tasks\Norton\Norton 360 Patcher => C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe [8661096 2024-12-16] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {5E6E35D3-2FD4-46FE-8424-C64E3F06B0BC} - System32\Tasks\Norton\Norton VPN Bug Report => C:\Program Files\Norton\Suite\AvBugReport.exe [5998184 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 187 --programpath "C:\Program Files\Norton\Suite" --configpath "C:\ProgramData\Norton\VPN" --path "C:\ProgramData\Norton\VPN\log" --path "C:\ProgramData\Norton\Icarus\Logs" --logpath "C:\ProgramData\Norton\VPN\log" --guid 4784b46d-a844-4a52-b7e5-f067bc5f71c6
Task: {7E1AFFB1-6B19-4771-ADA0-3DF8CF2032DD} - System32\Tasks\Norton\Overseer => C:\Program Files\Common Files\Norton\Overseer\overseer.exe [2566760 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {31D8E8B1-79D0-4A02-94C7-DBE62B7B0338} - System32\Tasks\Norton\Suite Emergency Update => C:\Program Files\Norton\Suite\AvEmUpdate.exe [5215848 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {FA3FB144-7DC5-4580-93B8-7975B12402C4} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-20] (HP Inc. -> HP Inc.)
Task: {CF1ADE0A-66E7-4315-B583-B548CF0A4606} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-20] (HP Inc. -> HP Inc.)
Task: {91FA9D85-B9B8-42CB-820E-0C1CDEB13EC9} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-20] (HP Inc. -> HP Inc.)
Task: {4FF955C6-BE61-4C76-80F6-1C739B50EA62} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-20] (HP Inc. -> HP Inc.)
Task: {2A32E030-85A1-4CFB-88BA-CBAA7DA37C27} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {24495607-E784-4573-ADE0-FB7939ABD38A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3839441441-1830215674-2231628907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {22EF9474-060C-4674-84CE-5772C0693D42} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [157648 2024-12-20] (HP Inc. -> HP Inc.)
Task: {6F2FAC8F-DFD5-4E7E-83E3-7E1925B1409D} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [157648 2024-12-20] (HP Inc. -> HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{47656e44-6967-6957-4775-6172644e4c4c}: [NameServer] 10.252.0.0
Tcpip\..\Interfaces\{842a06a4-19ce-4f28-8c61-44ca6f7ea625}: [NameServer] 10.10.0.1
Tcpip\..\Interfaces\{c22eadae-f74f-442b-bbf0-2c66bcae4eb2}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-23]
Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://www.google.ca/webhp?authuser=2
Edge StartupUrls: Default -> "hxxps://www.google.ca/"
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2025-01-07]
Edge Extension: (Google Docs Offline) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-23]
Edge Extension: (Norton Safe Search) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikkagnliefbhcdgnnhfidhhbocdhkdeb [2025-01-15]
Edge Extension: (Edge relevant text changes) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default [2024-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-24]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe [562040 2024-05-24] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2500072 2024-11-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [220464 2023-04-10] (Gamigo Inc. -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-21] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-08] (HP Inc. -> HP Inc.)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_f1ee27a36959d31b\AS\IAS\IntelAudioService.exe [532944 2024-10-16] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe [3084992 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 nllbIDSAgent; C:\Program Files\Norton\Suite\aswidsagent.exe [7641704 2024-12-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 Norton Antivirus; C:\Program Files\Norton\Suite\NortonSvc.exe [779880 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Firewall; C:\Program Files\Norton\Suite\afwServ.exe [2376296 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Tools; C:\Program Files\Norton\Suite\nllToolsSvc.exe [1230952 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 nortonAvDumper64; C:\Program Files\Norton\Suite\AvDump.exe [3498088 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonVpn; C:\Program Files\Norton\Suite\VpnSvc.exe [12924008 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonWscReporter; C:\Program Files\Norton\Suite\wsc_proxy.exe [76552 2024-12-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\butle\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_b9e8b3b7b7afc367\TeeDriverGSCW8x64.sys [279088 2023-06-26] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [57952 2024-12-20] (HP Inc. -> Windows ® Win 7 DDK provider)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys [211432 2024-05-16] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_334c460fea9b11a4\iaLPSS2_SPI_ADL.sys [171608 2022-12-14] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_43d5df63d19fde70\iaLPSS2_UART2_ADL.sys [329320 2022-12-14] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90208 2024-01-12] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_c4581e5c36b81f6c\ipf_acpi.sys [88656 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_cpu.sys [88144 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_lf.sys [499392 2024-05-21] (Intel Corporation -> Intel Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140728 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
R0 nllArDisk; C:\WINDOWS\System32\drivers\nllArDisk.sys [20560 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllArPot; C:\WINDOWS\System32\drivers\nllArPot.sys [235088 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllbidsdriver; C:\WINDOWS\System32\drivers\nllbidsdriver.sys [383056 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbidsh; C:\WINDOWS\System32\drivers\nllbidsh.sys [296016 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbuniv; C:\WINDOWS\System32\drivers\nllbuniv.sys [84560 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllElam; C:\WINDOWS\System32\drivers\nllElam.sys [28280 2024-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 nllKbd; C:\WINDOWS\System32\drivers\nllKbd.sys [28728 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllMonFlt; C:\WINDOWS\System32\drivers\nllMonFlt.sys [275024 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllNetHub; C:\WINDOWS\System32\drivers\nllNetHub.sys [550992 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllRdr; C:\WINDOWS\System32\drivers\nllRdr2.sys [98360 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllRvrt; C:\WINDOWS\System32\drivers\nllRvrt.sys [69712 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSnx; C:\WINDOWS\System32\drivers\nllSnx.sys [955960 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSP; C:\WINDOWS\System32\drivers\nllSP.sys [1424952 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllStm; C:\WINDOWS\System32\drivers\nllStm.sys [204344 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllVmm; C:\WINDOWS\System32\drivers\nllVmm.sys [381488 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllVpnRdr; C:\WINDOWS\System32\drivers\nllVpnRdr.sys [80504 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifelock Inc.)
R3 nllWintun; C:\WINDOWS\System32\drivers\nllWintun.sys [40640 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R3 nllWireGuard; C:\WINDOWS\System32\drivers\nllWireguard.sys [174680 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R3 RtkBtFilter2; C:\WINDOWS\System32\drivers\RtkBtFilter2.sys [176608 2024-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20936 2024-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601376 2024-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-22 22:56 - 2025-01-22 22:57 - 000037905 _____ C:\Users\butle\OneDrive\Desktop\FRST.txt
2025-01-22 22:53 - 2025-01-22 22:57 - 000000000 ____D C:\FRST
2025-01-22 22:52 - 2025-01-22 22:53 - 002403328 _____ (Farbar) C:\Users\butle\OneDrive\Desktop\FRST64.exe
2025-01-22 22:49 - 2025-01-22 22:49 - 000000000 ___RD C:\Users\butle\OneDrive\Desktop\Geeks2Go
2025-01-20 22:29 - 2025-01-20 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2025-01-19 17:59 - 2025-01-19 17:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-16 18:33 - 2025-01-16 18:33 - 000048583 _____ C:\Users\butle\Downloads\guitarlessonjan152025.zip
2025-01-15 22:28 - 2024-12-04 03:34 - 006662080 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2025-01-15 12:09 - 2025-01-16 18:29 - 000000514 _____ C:\Users\butle\OneDrive\Desktop\Zetland To Do.txt
2025-01-14 23:48 - 2025-01-22 15:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-06 12:10 - 2024-09-24 20:59 - 020221168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2025-01-06 12:10 - 2024-09-24 20:59 - 004466392 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2025-01-06 12:10 - 2024-09-24 20:59 - 001126512 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2025-01-06 12:10 - 2024-09-24 20:59 - 000814320 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2025-01-06 12:10 - 2024-09-24 20:59 - 000429296 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2025-01-06 12:10 - 2024-09-24 20:59 - 000331376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2025-01-05 22:28 - 2025-01-05 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2024-12-29 19:53 - 2024-12-29 19:53 - 000002264 _____ C:\Users\butle\AppData\LocalLow\81d726d76eb1592405d70a3de525bf0cd32d0ce43948827cd8619ca9f53bb534
2024-12-29 01:16 - 2024-12-29 01:16 - 000002264 _____ C:\Users\butle\AppData\LocalLow\823ba6a17db81a8187542cd6d1a71d9bb3ca622bb00d3860e44ba825ca8ab6ee
2024-12-26 22:49 - 2024-12-26 22:58 - 000000000 ____D C:\Users\butle\AppData\Local\BitTorrentHelper
2024-12-26 22:49 - 2024-12-26 22:49 - 000001872 _____ C:\Users\butle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2024-12-26 22:42 - 2024-12-26 22:42 - 000000000 ____D C:\Users\butle\AppData\Roaming\Norton
2024-12-26 22:21 - 2024-12-26 22:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton
2024-12-26 22:21 - 2024-12-26 22:21 - 000316008 _____ (Gen Digital Inc.) C:\WINDOWS\system32\nllBoot.exe
2024-12-26 22:21 - 2024-12-26 22:21 - 000053048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2024-12-26 22:21 - 2024-12-26 22:21 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360.lnk
2024-12-26 22:21 - 2024-12-26 22:21 - 000000000 ____D C:\Program Files\Norton
2024-12-26 22:21 - 2024-12-26 22:21 - 000000000 ____D C:\Program Files\Common Files\Norton
2024-12-26 11:17 - 2024-12-26 22:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-22 22:52 - 2024-04-10 10:11 - 000086833 _____ C:\Users\butle\AppData\LocalLow\d9ec534cb2b823c433950a0b29f3bf43af91d7e4baf3bdf47287f351b9b522df
2025-01-22 22:46 - 2024-01-11 12:46 - 000000130 _____ C:\Users\butle\AppData\LocalLow\aae5869fa0bec4d8d27610345766f7ef02e2889cb0620366db786ae3c9e60f86
2025-01-22 22:43 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 22:43 - 2024-01-11 12:46 - 000031263 _____ C:\Users\butle\AppData\LocalLow\96b4e09f9d106d02c2df9d25efab0623acb10b2aa352982ff915d2fb958abe41
2025-01-22 19:07 - 2024-12-15 14:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-22 19:07 - 2023-10-06 12:35 - 000000000 ____D C:\Users\butle\AppData\Local\OGH
2025-01-22 17:47 - 2024-01-12 14:48 - 000598598 _____ C:\Users\butle\AppData\LocalLow\5fc18818885154e2f8f5ba65eec1eefad757bab62ecbde0aab33b042f4d9d547
2025-01-22 15:33 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-22 14:23 - 2024-11-24 12:56 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-21 23:51 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-21 23:51 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-20 22:34 - 2024-06-05 12:50 - 000262274 _____ C:\Users\butle\AppData\LocalLow\d7ab55b136db7af61d358961466174c44b88e0abcf74413efc14283cf253191f
2025-01-20 22:34 - 2024-06-05 12:50 - 000000130 _____ C:\Users\butle\AppData\LocalLow\0d8ce0cf35aa7c7d3119ff805ea411913e9063dbbfde48d90472b24757f677cb
2025-01-20 22:29 - 2024-10-30 21:13 - 000000000 ____D C:\Program Files\Zoom
2025-01-19 18:04 - 2023-10-06 22:16 - 000000000 ____D C:\Users\butle\AppData\Roaming\Microsoft\Word
2025-01-19 18:00 - 2024-04-01 00:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-19 18:00 - 2023-10-06 22:06 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-19 17:18 - 2023-10-05 17:32 - 000000000 ____D C:\Users\butle\AppData\Local\Packages
2025-01-19 17:18 - 2022-11-02 21:35 - 000000000 ____D C:\ProgramData\Packages
2025-01-19 14:03 - 2024-06-05 14:00 - 000225178 _____ C:\Users\butle\AppData\LocalLow\95b0b2480c9a6ca64b48551cac8b5e53ceaf41808ca1ac1375894f173800fe01
2025-01-18 18:22 - 2024-01-18 15:46 - 000000130 _____ C:\Users\butle\AppData\LocalLow\c66ea2d0c43a5ab0f82ad7cad0e5b71023e6a7c78bf47e45c6fedaab1806b45d
2025-01-18 18:21 - 2024-01-18 15:46 - 000021287 _____ C:\Users\butle\AppData\LocalLow\5642129d91fd36633bafcdfcb905f769dd89380fe5f84073508767d36ed1ce04
2025-01-18 14:58 - 2022-11-02 21:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-17 23:38 - 2023-10-06 22:18 - 000000000 ____D C:\Users\butle\AppData\Roaming\Microsoft\Excel
2025-01-16 20:36 - 2023-11-05 14:34 - 000000000 ____D C:\Users\butle\AppData\Roaming\Canva
2025-01-16 18:35 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-16 18:15 - 2024-01-11 03:15 - 000245341 _____ C:\Users\butle\AppData\LocalLow\4a78f3e5c6247c6a4890f4e462e1f041286224a63c30ac8cbb70097e25a504bc
2025-01-16 12:16 - 2024-04-01 00:24 - 000000000 ____D C:\WINDOWS\INF
2025-01-16 12:15 - 2024-01-12 14:48 - 000000130 _____ C:\Users\butle\AppData\LocalLow\9561ed9a0b78144747fa26e4c4fd2a49defb5e38fac37da7863fcf98aeb7cb48
2025-01-16 05:32 - 2024-01-11 03:31 - 000016811 _____ C:\Users\butle\AppData\LocalLow\ef54eddb2ded8674d924a92863f229125f4b7962e4f7fe0c46c7682970b66a1d
2025-01-16 05:30 - 2024-12-15 14:29 - 000842280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-16 03:45 - 2024-12-15 14:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-16 03:45 - 2024-12-15 14:25 - 000001460 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-01-16 03:45 - 2024-12-15 14:24 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-16 03:45 - 2024-04-01 00:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-01-16 03:45 - 2023-10-08 02:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 03:45 - 2023-10-06 09:20 - 000000000 ____D C:\ProgramData\Norton
2025-01-16 03:45 - 2023-10-05 17:45 - 000000000 ___RD C:\Users\butle\OneDrive
2025-01-16 03:45 - 2023-07-07 12:13 - 000000000 ____D C:\Program Files\HP
2025-01-16 03:45 - 2022-11-02 21:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-15 20:09 - 2024-12-15 14:28 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3839441441-1830215674-2231628907-1001
2025-01-15 20:09 - 2024-12-15 14:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-15 20:09 - 2023-10-06 22:11 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-15 13:59 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-15 13:43 - 2024-12-15 14:24 - 000493512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-15 11:21 - 2024-06-05 14:00 - 000000026 _____ C:\Users\butle\AppData\LocalLow\37946076e56186c3488739aed986e139d4728855a68844f32e036f83e51e8c36
2025-01-15 02:44 - 2023-10-06 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-14 21:40 - 2023-10-06 12:34 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-14 13:21 - 2023-10-06 09:47 - 000000000 ____D C:\Users\butle\AppData\Local\CrashDumps
2025-01-08 17:53 - 2023-10-05 17:43 - 000000000 ____D C:\Users\butle\AppData\Local\D3DSCache
2025-01-08 17:51 - 2023-09-05 22:10 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-01-08 14:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-02 16:25 - 2023-10-06 10:37 - 000004321 _____ C:\Users\butle\OneDrive\Desktop\Contact info.txt
2025-01-02 10:45 - 2024-01-11 03:31 - 000000026 _____ C:\Users\butle\AppData\LocalLow\236b4e3e9d3b30821e20fc1082b4627565dab061dbbb2f3b0c8c5c34c1c75fee
2025-01-02 01:37 - 2023-10-06 10:36 - 000000000 ____D C:\Users\butle\OneDrive\Desktop\Zetland
2024-12-30 22:03 - 2024-02-08 00:33 - 000005621 _____ C:\Users\butle\AppData\LocalLow\6c64d65d9da3abefa1a4d301a5579aa93c644fe96aaeb293e658ff5b441ffcc7
2024-12-29 12:10 - 2024-01-11 00:45 - 000002264 _____ C:\Users\butle\AppData\LocalLow\ab43ebc6fba7691c182de163f369d401a06a2d0e629b0dbcc8c2932757ecda52
2024-12-29 11:19 - 2024-01-13 14:28 - 000002264 _____ C:\Users\butle\AppData\LocalLow\293c28e268efa354785bbc8c09f9046cd78c0292ce35b91aeffb605b8364ac12
2024-12-29 01:17 - 2024-12-15 14:28 - 000004274 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent
2024-12-29 01:17 - 2024-12-15 14:28 - 000004216 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent
2024-12-29 01:17 - 2024-12-15 14:28 - 000003872 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor
2024-12-29 01:17 - 2024-12-15 14:28 - 000003814 _____ C:\WINDOWS\system32\Tasks\OmenOverlay
2024-12-29 01:16 - 2024-01-30 01:30 - 000012335 _____ C:\Users\butle\AppData\LocalLow\1dc6c00a8ccb1ba456966b5f470493e9b53380f303883ce5012e6c64eb5a9a36
2024-12-29 01:16 - 2024-01-30 01:30 - 000000026 _____ C:\Users\butle\AppData\LocalLow\943971334c50f0517bdc61808505f922998cecb5c10254d7b37090a176a26d61
2024-12-29 01:16 - 2024-01-11 00:34 - 000006740 _____ C:\Users\butle\AppData\LocalLow\16d253a824dd932f7254a75238749bf1ac7ebfd4727516d4bcdcf9f798579f9c
2024-12-29 01:15 - 2024-12-15 14:28 - 000004252 _____ C:\WINDOWS\system32\Tasks\SystemOptimizerCustomEvent
2024-12-29 01:15 - 2024-12-15 14:28 - 000003850 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer
2024-12-29 01:15 - 2024-12-15 14:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2024-12-29 01:15 - 2024-04-10 10:11 - 000000026 _____ C:\Users\butle\AppData\LocalLow\6d7c2a7b445f7857f49fc3983f8d03f9864b9f42ad3aef83d8710cdc776beb38
2024-12-29 01:15 - 2024-01-11 03:15 - 000002264 _____ C:\Users\butle\AppData\LocalLow\388432ce7fee1a113d46753a964a15dfff163693c0c044b0e8fdc62e2169a3c1
2024-12-29 01:15 - 2024-01-11 03:15 - 000000026 _____ C:\Users\butle\AppData\LocalLow\10a4dca5d4e4c061e5be589b05c7453a289bc5897d5dfde751f9ade306a1ddcc
2024-12-28 20:52 - 2023-10-05 18:01 - 000000000 ____D C:\Users\butle\AppData\Local\HP
2024-12-26 22:45 - 2023-10-06 09:20 - 000000000 ____D C:\ProgramData\NortonInstaller
2024-12-26 22:45 - 2023-10-06 09:20 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2024-12-26 22:44 - 2024-04-01 00:21 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2024-12-26 22:43 - 2023-10-17 04:26 - 000000000 ____D C:\Users\butle\AppData\Local\Norton
2024-12-26 22:21 - 2024-04-01 00:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-12-26 14:43 - 2024-12-15 11:14 - 000000000 ___DC C:\WINDOWS\Panther
2024-12-26 03:01 - 2024-05-08 21:46 - 000000000 ____D C:\Users\butle\AppData\LocalLow\Norton
 
==================== Files in the root of some directories ========
 
2023-10-10 20:11 - 2023-10-10 20:11 - 000007605 _____ () C:\Users\butle\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by butle (22-01-2025 22:58:34)
Running from C:\Users\butle\OneDrive\Desktop
Microsoft Windows 11 Home Version 24H2 26100.2894 (X64) (2024-12-15 21:28:50)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3839441441-1830215674-2231628907-500 - Administrator - Disabled)
butle (S-1-5-21-3839441441-1830215674-2231628907-1001 - Administrator - Enabled) => C:\Users\butle
DefaultAccount (S-1-5-21-3839441441-1830215674-2231628907-503 - Limited - Disabled)
Guest (S-1-5-21-3839441441-1830215674-2231628907-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3839441441-1830215674-2231628907-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {343E1860-FD6F-AB8D-96E4-A5006AA98D2C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {0C059945-B700-AAD5-BDBB-0C35947ACA57}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Canva (HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.101.0 - Canva Pty Ltd)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.4.0.27683 - Foxit Software Inc.)
Google Chrome (HKLM\...\{53B568B1-41B1-3D05-B14F-FC57035DA908}) (Version: 132.0.6834.110 - Google LLC)
Guitar Pro 8 (HKLM\...\com.arobas-music.guitarpro8_is1) (Version: 8.1.1-17 - Arobas Music)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP OfficeJet Pro 8720 Basic Device Software (HKLM\...\{59944A30-0BDB-424E-B033-7134067C0182}) (Version: 40.15.1230.21319 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18429.20044 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{DE493D86-8367-3619-97B6-69B997F0DBE3}) (Version: 132.0.2957.115 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Norton 360 (HKLM\...\Norton 360) (Version: 24.12.9725.1248 - Gen Digital Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Standard Soundbank (HKLM\...\com.arobas-music.soundbank.standard_is1) (Version: 2.0.0-9 - Arobas Music)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - gamigo, Inc.) Hidden
Welcome to Primrose Lake (HKLM-x32\...\WTA-d6c55a7e-7e80-4bfb-a0b5-7df32d6ade41) (Version: 7.0.0.877 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 5.0.0.342 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 7.0.0.886 - WildTangent) Hidden
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
Zoom Workplace (64-bit) (HKLM\...\{27AE7462-439F-4DB5-8307-C9379670F114}) (Version: 6.3.56144 - Zoom)
 
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-12-04] (INTEL CORP) [Startup Task]
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-09-27] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2024-11-07] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.51.329.0_x64__v10z8vjag6ke6 [2024-11-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.6.4.0_x64__v10z8vjag6ke6 [2024-12-20] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-09-27] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-21] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.41.29.0_x64__v10z8vjag6ke6 [2024-12-20] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6 [2024-12-20] (HP Inc.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-21] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.645.1237.0_x86__8wekyb3d8bbwe [2024-10-21] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-21] (Microsoft Corporation)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2024-12-04] (Microsoft Corporation)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe [2024-12-04] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-06] (Microsoft Corp.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.9080.0_x64__8wekyb3d8bbwe [2024-09-12] (Microsoft Studios)
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_4.5.4011.0_x64__8wekyb3d8bbwe [2024-10-21] (Microsoft Studios)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.11.8191.0_x64__8wekyb3d8bbwe [2024-09-04] (Microsoft Studios)
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_4.5.10081.0_x64__8wekyb3d8bbwe [2024-11-07] (Microsoft Studios)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-27] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6 [2024-12-04] (HP Inc.) [Startup Task]
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-01-20] ()
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6 [2024-12-20] (HP Inc.) [Startup Task]
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-20] (Spotify AB) [Startup Task]
Tubi - Free Movies and TV -> C:\Program Files\WindowsApps\TubiInc.Tubi-FreeMoviesandTV_2.0.2.0_neutral__6e499re8j0dp2 [2024-11-24] (Tubi, Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-20] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-10-07] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-12-04] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-12-04] (Microsoft Corp.)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-10-06] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-10-06] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3839441441-1830215674-2231628907-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3839441441-1830215674-2231628907-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\butle\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3839441441-1830215674-2231628907-1001_Classes\CLSID\{2124CC3E-D36E-4F50-9016-2BDE35590E0F} -> [Jeremy's S23] => C:\Users\butle\CrossDevice\Jeremy's S23 [2024-12-11 14:19]
CustomCLSID: HKU\S-1-5-21-3839441441-1830215674-2231628907-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [   OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  BUOverlayExcluded] -> {42DE06EE-09E4-4808-A8AA-F63B1D3F6CE5} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [  BUOverlayPending] -> {5A4597A9-CC87-4ED2-A7E5-3BC62CF54901} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [  BUOverlayProtected] -> {9C11454A-4B5C-4586-B0BB-E51BB6033668} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [   OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2024-12-29 01:26 - 2024-12-29 01:26 - 000432128 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\5dfa3daa8a6749a11f0f5a487763bae6\LauncherSDK.ni.dll
2024-12-29 01:26 - 2024-12-29 01:26 - 000037888 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\f83258b406f7e0011032448137b9e628\Logging.ni.dll
2024-12-29 01:26 - 2024-12-29 01:26 - 000153088 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\4a6b1adc04dc4061c28f65e3c7a587e7\RpcClient.ni.dll
2024-12-29 01:26 - 2024-12-29 01:26 - 000118272 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WMISDK\d49e3e748bf8439a8b13f5af10cd6caa\WMISDK.ni.dll
2024-12-29 01:26 - 2024-12-29 01:26 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\ee10bc4e78e9ccd4dd117ff08dbaee77\Newtonsoft.Json.ni.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nllSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nllSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-12-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-06 22:24 - 2022-05-06 22:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2023-10-10 20:18 - 2023-10-10 20:18 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.27.160.1 JsButler.mshome.net # 2028 10 1 9 3 18 26 596
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\butle\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\18058909138496629256\133819614092657731.jpg
DNS Servers: 10.252.0.0 - 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Wi-Fi: Realtek RTL8852BE WiFi 6 802.11ax PCIe Adapter -> rtwlane601.sys
Norton VPN: Norton VPN Wintun Adapter -> nllWintun.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Norton VPN WireGuard: Norton VPN WireGuard Adapter -> nllWireguard.sys
 
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\StartupApproved\Run: => "NoxMultiPlayer"
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent"
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\StartupApproved\Run: => "utweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{08B0D5F9-EC11-4269-82F8-06067AF78697}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8850F9E-4171-4431-B442-0A4F462164EE}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{B0AFA11F-213B-43B4-A3D4-E1ED8381BA95}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4E9E390A-7A96-41F7-9127-6EF619656965}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0D9761CD-0169-4578-B3E6-736BAC59C8FD}] => (Allow) LPort=5357
FirewallRules: [{2A07FD8E-B0B4-47BB-B763-54AD1A45850E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{564622D6-EFCD-4A31-8147-AABBFCA84C5C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{A176FA92-F6E0-4ECB-9CEF-8AA7029D3CE9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\SendAFax.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5874D179-93F1-44D1-82F4-FC0FDC824370}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2379F6F4-276E-4557-8EA5-71B8A35C5F8C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxApplications.exe (HP Inc. -> HP Inc.)
FirewallRules: [{6BDAEDF2-C3E6-469C-A666-6487E14A17DB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{2BB98220-638C-4258-A56A-FC89731E3055}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{07D1D086-7426-4AF7-81B1-8330D500BDD1}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{7B45ED6B-A3D5-4EF3-B9A8-3F83BF3559ED}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{D75D1316-D8D8-47EB-8828-5CAA177AC7E9}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{D7F8FF32-1FA7-4D72-BECC-4A3B556FC76D}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{79EA017D-F075-4E1A-970C-2B810ACF81E2}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{302BDD81-B84B-4047-94C4-83ED8A33EF98}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{904B6ACA-0603-4B39-82D1-7C8A7B84A573}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8F52D580-9F3D-40F7-8624-B6C8A6B8C541}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8EA61204-873C-4DE7-8303-8A5669B33701}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{0A947E77-41EB-4E3C-8C5A-8C0D9BF5D534}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [{BC647579-5E8E-4555-A16F-F4BAA20F568F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{967EE855-42D7-4778-84FD-91051D2ABF97}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{A23BC2ED-D65B-42E9-8E45-DD0710CAD08A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6C9BFCAF-F578-4289-AFC2-292E6F063F78}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1F761145-6EE4-4974-9258-7397CCF22307}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{4FC783A7-ED21-4F94-97C4-835D51C134D2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{FBF3ECD8-89FD-43B8-AC0D-25AEF620CF91}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{85DE24D8-1547-40EE-B8C8-28C0CA386D1E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{070369AD-5379-4DF2-BCEF-142E7D78C18B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{CA8F298C-B622-4D9B-B733-6C0D0E0C0F2F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B81CCC5F-C87B-49A7-9BA9-3CE629017C6F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{A8D10C75-F17B-4861-9F64-69BF00DAE78D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DD774D9B-32FE-4C24-A570-0043074CEE2B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{A83E4BBD-00B4-4339-BE5A-B590D474279C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6F7AF1B2-6B30-4E38-A6E3-3880457F16A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B1F71D29-4DD9-4112-BBE0-A61212DF02C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{5FFB28FF-7112-410F-9354-8F4626206A90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{54D249F9-7733-4594-902F-A6E4FC01A052}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7A1B5CDF-C9A9-4B4E-A25D-BCDB80549EB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AD223E22-3204-49CA-B4CD-B1E7BDA6A9F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1C8DAF51-829C-43A3-8D1E-9AC5EAF8E706}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4ADC5418-AD6E-476C-98B5-37BC4E647101}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{005039AB-461F-473B-9000-446ED3E77E7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{80475BD0-D6E7-47C1-A183-ECFCA7F5F716}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8599ADCE-647D-4480-AB1D-E65A39ABBED7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A7319B18-E5EF-417D-8A77-72AD72AB0893}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6DFA126C-AD6E-4A24-A9E2-6CCCBE89CF1A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E5050CB-4FA1-49EA-86E6-28FF56E6334F}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (NortonLifeLock Inc. -> Gen Digital Inc.)
FirewallRules: [{344284A0-96F6-4AD3-8078-975AAA5FAD79}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (NortonLifeLock Inc. -> Gen Digital Inc.)
FirewallRules: [{F31482EF-94D4-467E-8E63-ACBD5C267ED2}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E778D67C-B01D-41C1-877E-C02C39A78A6F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CCF7DAA-ADD7-439E-B992-7EFBA4F167A7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24348.802.3311.5092_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F293FA53-B782-4442-9F26-FA089613D6B9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24348.802.3311.5092_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DDA5E5B-1C09-42B6-847A-0028B7CAC329}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01FC6B04-84BD-4B98-96CE-80D2DEE928EF}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{C39A6EED-CABE-4408-86AB-C7DDC6E2F0E1}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F5EB9E0B-D1CE-4AE3-AAF6-28DDED534E6B}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{744612EA-B1B4-43EA-B944-99527CE05FAE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
14-01-2025 21:40:11 Windows Update
21-01-2025 23:51:12 Windows Update
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/21/2025 06:09:19 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program GameBar.exe version 7.224.11211.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (01/19/2025 06:58:54 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (01/17/2025 03:15:01 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program GameBar.exe version 7.224.11211.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (01/17/2025 12:04:40 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (01/16/2025 06:29:41 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program GameBar.exe version 7.224.11211.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (01/15/2025 01:46:33 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d
 
Error: (01/14/2025 01:21:49 PM) (Source: Application Error) (EventID: 1000) (User: JSBUTLER)
Description: Faulting application name: ms-teamsupdate.exe, version: 24335.208.3315.1951, time stamp: 0x676283b3
Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8
Exception code: 0xc0000374
Fault offset: 0x00000000000881f5
Faulting process id: 0x6478
Faulting application start time: 0x1db66c1f05661fb
Faulting application path: C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teamsupdate.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 1e160a8a-c9d2-4f13-bd0f-d60072dc997c
Faulting package full name: MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe
Faulting package-relative application ID: MSTeams.Update
 
Error: (01/13/2025 09:19:17 AM) (Source: Application Error) (EventID: 1000) (User: JSBUTLER)
Description: Faulting application name: ms-teamsupdate.exe, version: 24335.208.3315.1951, time stamp: 0x676283b3
Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8
Exception code: 0xc0000374
Fault offset: 0x00000000000881f5
Faulting process id: 0x4bc8
Faulting application start time: 0x1db65d6e4335f78
Faulting application path: C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teamsupdate.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 092731cb-8b29-401f-9aae-d4845957f260
Faulting package full name: MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe
Faulting package-relative application ID: MSTeams.Update
 
 
System errors:
=============
Error: (01/22/2025 06:45:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
 
Error: (01/22/2025 02:38:47 PM) (Source: DCOM) (EventID: 10010) (User: JSBUTLER)
Description: The server {C53A4F16-787E-42A4-B304-29EFFB4BF597} did not register with DCOM within the required timeout.
 
Error: (01/22/2025 01:56:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
 
Error: (01/21/2025 06:15:12 PM) (Source: DCOM) (EventID: 10010) (User: JSBUTLER)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
Error: (01/21/2025 06:13:12 PM) (Source: DCOM) (EventID: 10010) (User: JSBUTLER)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
Error: (01/21/2025 06:11:11 PM) (Source: DCOM) (EventID: 10010) (User: JSBUTLER)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
Error: (01/21/2025 01:06:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
 
Error: (01/20/2025 06:06:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===============
Date: 2025-01-16 23:33:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Norton\Suite\NortonSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
 
Date: 2025-01-16 22:44:46
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\ai.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton\Suite\aswhook.dll that did not meet the Store signing level requirements. 
 
Date: 2024-12-26 22:42:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.8.36\symamsi.dll that did not meet the Windows signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.12 08/20/2024
Motherboard: HP 8BB6
Processor: 13th Gen Intel® Core™ i5-1335U
Percentage of memory in use: 89%
Total physical RAM: 7835.77 MB
Available physical RAM: 826.23 MB
Total Virtual: 20615.99 MB
Available Virtual: 7037.87 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:952.76 GB) (Free:849.96 GB) (Model: KBG50ZNV1T02 KIOXIA) (Protected) NTFS
 
\\?\Volume{994eee51-0165-425b-8119-3a259bf0c013}\ () (Fixed) (Total:0.83 GB) (Free:0.13 GB) NTFS
\\?\Volume{b2e87d70-af6f-48f7-8d7e-1ca40a586214}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: A92846E0)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 



#2
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Hello, Triskelion.
 
Thanks for your patience.

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please adhere to the guidelines below, and then carefully follow all the instructions after, in the same order:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but can also make your computer a malware target. Having such programs installed is the easiest way to get infected. Thus, there is no need to clean the computer, since, sooner or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs.
 
 
===========================
 
1. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". There is no need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\StartupApproved\Run: => "utweb"
FirewallRules: [{6BDAEDF2-C3E6-469C-A666-6487E14A17DB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{2BB98220-638C-4258-A56A-FC89731E3055}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{07D1D086-7426-4AF7-81B1-8330D500BDD1}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{7B45ED6B-A3D5-4EF3-B9A8-3F83BF3559ED}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{D75D1316-D8D8-47EB-8828-5CAA177AC7E9}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{D7F8FF32-1FA7-4D72-BECC-4A3B556FC76D}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{79EA017D-F075-4E1A-970C-2B810ACF81E2}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{302BDD81-B84B-4047-94C4-83ED8A33EF98}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{904B6ACA-0603-4B39-82D1-7C8A7B84A573}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8F52D580-9F3D-40F7-8624-B6C8A6B8C541}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8EA61204-873C-4DE7-8303-8A5669B33701}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{0A947E77-41EB-4E3C-8C5A-8C0D9BF5D534}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [utweb] => "C:\Users\butle\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
2024-12-26 22:49 - 2024-12-26 22:58 - 000000000 ____D C:\Users\butle\AppData\Local\BitTorrentHelper
2024-12-26 22:49 - 2024-12-26 22:49 - 000001872 _____ C:\Users\butle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
EmptyTemp:
End::
  • Right-click on FRST64 on your Desktop to run it as administrator. When the tool opens, click "Yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt.
  • When finished, it will produce a log, fixlog.txt, on your Desktop.
  • Post the log in your next reply.


#3
Triskelion

    Member

  • Topic Starter
  • 673 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Ran by butle (administrator) on JSBUTLER (HP HP Laptop 15-fd0xxx) (22-01-2025 22:56:47)
Running from C:\Users\butle\OneDrive\Desktop\FRST64.exe
Loaded Profiles: butle
Platform: Microsoft Windows 11 Home Version 24H2 26100.2894 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\ai.exe
(C:\Program Files\Norton\Suite\NortonSvc.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswEngSrv.exe
(C:\Program Files\Norton\Suite\VpnSvc.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\WireGuard\wireguardtun.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe <7>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\BridgeCommunication.exe <24>
(DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.1.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2412.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <25>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonUI.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c5e940d4ffae802\RtkAudUService64.exe <2>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8660e4d6e8832471\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_64dc54263337697d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_f1ee27a36959d31b\AS\IAS\IntelAudioService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\afwServ.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\AvDump.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\nllToolsSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\VpnSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\aswidsagent.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\wsc_proxy.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e267cb29cfb4eaa6\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.21.11061.0_x64__8wekyb3d8bbwe\Solitaire.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2412.1001.22.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e267cb29cfb4eaa6\RtkAudUService64.exe [2377704 2024-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NortonUI.exe] => C:\Program Files\Norton\Suite\AvLaunch.exe [429160 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\Installer\setup.exe [6871608 2025-01-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [MicrosoftEdgeAutoLaunch_90A1141CF9F6BC9FF7F1F056C715D384] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [utweb] => "C:\Users\butle\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\butle\AppData\Local\Programs\Canva\Canva.exe [186736848 2024-12-24] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\RunOnce: [zoommsirepair] => C:\Program Files\Zoom\bin\installer.exe [1099064 2025-01-15] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.110\Installer\chrmstp.exe [2025-01-22] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * nllBoot.exe /A:"C:" /A:"* STARTUP" /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\Norton\Suite"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06F7D64E-D7FC-4B23-9DB2-0200C82FD9E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {E6E01960-1464-4270-9F21-86F0888690AB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{9B0F0436-7D30-481B-81E9-F64B00065408} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {504A0168-98E6-4BF4-AD75-9A1DBB8CEF67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {1F3BB440-2F81-4409-9E4E-BFA2A30DC1CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2024-12-17] (HP Inc. -> HP Inc.)
Task: {735B0245-AD62-4D51-8DA9-287E6C934913} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2024-12-17] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {DD3CB623-794A-4FC1-A395-8E4606DB0365} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {CBE8E904-265C-429A-8793-2F96B24B8047} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN889C61SP => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {E4650971-6B69-44FB-AEFD-256F3D5D8FBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1170440 2024-12-17] (HP Inc. -> HP Inc.)
Task: {3D15A1E2-04F9-424C-A375-921671C30A91} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-12-15] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {9DC6D36A-958D-4FBF-AC06-A1759C70FF87} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-21] (HP Inc. -> HP Inc.)
Task: {F0F1AD01-638E-49CA-A99B-00D9DD530431} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-21] (HP Inc. -> HP Inc.)
Task: {4E7981C2-65C9-44E5-95BA-240CF5358294} - System32\Tasks\HP\HP PSDr\HP PSDr Printer Health Monitor => C:\Program Files (x86)\HP\HP Support Framework\Modules\PSDR\HPPSDrPrinterHealthMonitor.exe [67592 2024-12-17] (HP Inc. -> HP Inc.)
Task: {5A7D5531-0206-4F3F-B37F-BFF1D67E637B} - System32\Tasks\HP\HP Support Assistant\sp150974.exe => C:\ProgramData\HP\HP Support Framework\Softpaq\14828\sp150974.exe [59530112 2024-02-28] (HP Inc. -> HP Inc.) -> C:\ProgramData\HP\HP Support Framework\Softpaq\14828\/s /e cmd.exe /a /c ""setup.exe" /L1033 /s /v/qn"
Task: {1CC1E484-1952-4C4A-826D-E2836681F0FD} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3500B34D-E5D7-460B-A400-DBE592E15CCC} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7513767F-0FA8-44E4-8770-1456C374D61E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F1FDF63-22D9-4576-B5CC-F30CEAFDEAD8} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [67248 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EE91301-EDFB-4D24-9BB6-7507CC14D1BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28751032 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {862D9348-C11C-45CB-B4CA-6E0D5E5422D8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAE10835-D816-49CC-A143-4ACCC81C6461} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C76F254F-1D2C-4AE0-BDE3-3E2F3CEF63D5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {E7FB2588-70EE-4466-96BC-21C879B71107} - System32\Tasks\Norton\Norton 360 Patcher => C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe [8661096 2024-12-16] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {5E6E35D3-2FD4-46FE-8424-C64E3F06B0BC} - System32\Tasks\Norton\Norton VPN Bug Report => C:\Program Files\Norton\Suite\AvBugReport.exe [5998184 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 187 --programpath "C:\Program Files\Norton\Suite" --configpath "C:\ProgramData\Norton\VPN" --path "C:\ProgramData\Norton\VPN\log" --path "C:\ProgramData\Norton\Icarus\Logs" --logpath "C:\ProgramData\Norton\VPN\log" --guid 4784b46d-a844-4a52-b7e5-f067bc5f71c6
Task: {7E1AFFB1-6B19-4771-ADA0-3DF8CF2032DD} - System32\Tasks\Norton\Overseer => C:\Program Files\Common Files\Norton\Overseer\overseer.exe [2566760 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {31D8E8B1-79D0-4A02-94C7-DBE62B7B0338} - System32\Tasks\Norton\Suite Emergency Update => C:\Program Files\Norton\Suite\AvEmUpdate.exe [5215848 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {FA3FB144-7DC5-4580-93B8-7975B12402C4} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-20] (HP Inc. -> HP Inc.)
Task: {CF1ADE0A-66E7-4315-B583-B548CF0A4606} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [71632 2024-12-20] (HP Inc. -> HP Inc.)
Task: {91FA9D85-B9B8-42CB-820E-0C1CDEB13EC9} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-20] (HP Inc. -> HP Inc.)
Task: {4FF955C6-BE61-4C76-80F6-1C739B50EA62} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67024 2024-12-20] (HP Inc. -> HP Inc.)
Task: {2A32E030-85A1-4CFB-88BA-CBAA7DA37C27} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {24495607-E784-4573-ADE0-FB7939ABD38A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3839441441-1830215674-2231628907-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {22EF9474-060C-4674-84CE-5772C0693D42} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [157648 2024-12-20] (HP Inc. -> HP Inc.)
Task: {6F2FAC8F-DFD5-4E7E-83E3-7E1925B1409D} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [157648 2024-12-20] (HP Inc. -> HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{47656e44-6967-6957-4775-6172644e4c4c}: [NameServer] 10.252.0.0
Tcpip\..\Interfaces\{842a06a4-19ce-4f28-8c61-44ca6f7ea625}: [NameServer] 10.10.0.1
Tcpip\..\Interfaces\{c22eadae-f74f-442b-bbf0-2c66bcae4eb2}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-23]
Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://www.google.ca/webhp?authuser=2
Edge StartupUrls: Default -> "hxxps://www.google.ca/"
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2025-01-07]
Edge Extension: (Google Docs Offline) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-23]
Edge Extension: (Norton Safe Search) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikkagnliefbhcdgnnhfidhhbocdhkdeb [2025-01-15]
Edge Extension: (Edge relevant text changes) - C:\Users\butle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-05] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default [2024-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\butle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-24]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617896 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe [562040 2024-05-24] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2500072 2024-11-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [220464 2023-04-10] (Gamigo Inc. -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\AppHelperCap.exe [887904 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\DiagsCap.exe [886392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\NetworkCap.exe [882296 2024-12-10] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-21] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1d34c425fe5300d\x64\SysInfoCap.exe [887392 2024-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-08] (HP Inc. -> HP Inc.)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_f1ee27a36959d31b\AS\IAS\IntelAudioService.exe [532944 2024-10-16] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe [3084992 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 nllbIDSAgent; C:\Program Files\Norton\Suite\aswidsagent.exe [7641704 2024-12-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 Norton Antivirus; C:\Program Files\Norton\Suite\NortonSvc.exe [779880 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Firewall; C:\Program Files\Norton\Suite\afwServ.exe [2376296 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Tools; C:\Program Files\Norton\Suite\nllToolsSvc.exe [1230952 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 nortonAvDumper64; C:\Program Files\Norton\Suite\AvDump.exe [3498088 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonVpn; C:\Program Files\Norton\Suite\VpnSvc.exe [12924008 2024-12-27] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonWscReporter; C:\Program Files\Norton\Suite\wsc_proxy.exe [76552 2024-12-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\butle\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_b9e8b3b7b7afc367\TeeDriverGSCW8x64.sys [279088 2023-06-26] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [57952 2024-12-20] (HP Inc. -> Windows ® Win 7 DDK provider)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-05-16] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys [211432 2024-05-16] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_334c460fea9b11a4\iaLPSS2_SPI_ADL.sys [171608 2022-12-14] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_43d5df63d19fde70\iaLPSS2_UART2_ADL.sys [329320 2022-12-14] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90208 2024-01-12] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_c4581e5c36b81f6c\ipf_acpi.sys [88656 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_cpu.sys [88144 2024-05-21] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_lf.sys [499392 2024-05-21] (Intel Corporation -> Intel Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140728 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
R0 nllArDisk; C:\WINDOWS\System32\drivers\nllArDisk.sys [20560 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllArPot; C:\WINDOWS\System32\drivers\nllArPot.sys [235088 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllbidsdriver; C:\WINDOWS\System32\drivers\nllbidsdriver.sys [383056 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbidsh; C:\WINDOWS\System32\drivers\nllbidsh.sys [296016 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbuniv; C:\WINDOWS\System32\drivers\nllbuniv.sys [84560 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllElam; C:\WINDOWS\System32\drivers\nllElam.sys [28280 2024-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 nllKbd; C:\WINDOWS\System32\drivers\nllKbd.sys [28728 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllMonFlt; C:\WINDOWS\System32\drivers\nllMonFlt.sys [275024 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllNetHub; C:\WINDOWS\System32\drivers\nllNetHub.sys [550992 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllRdr; C:\WINDOWS\System32\drivers\nllRdr2.sys [98360 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllRvrt; C:\WINDOWS\System32\drivers\nllRvrt.sys [69712 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSnx; C:\WINDOWS\System32\drivers\nllSnx.sys [955960 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSP; C:\WINDOWS\System32\drivers\nllSP.sys [1424952 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllStm; C:\WINDOWS\System32\drivers\nllStm.sys [204344 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllVmm; C:\WINDOWS\System32\drivers\nllVmm.sys [381488 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllVpnRdr; C:\WINDOWS\System32\drivers\nllVpnRdr.sys [80504 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifelock Inc.)
R3 nllWintun; C:\WINDOWS\System32\drivers\nllWintun.sys [40640 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R3 nllWireGuard; C:\WINDOWS\System32\drivers\nllWireguard.sys [174680 2024-12-27] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R3 RtkBtFilter2; C:\WINDOWS\System32\drivers\RtkBtFilter2.sys [176608 2024-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20936 2024-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [601376 2024-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-15] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-22 22:56 - 2025-01-22 22:57 - 000037905 _____ C:\Users\butle\OneDrive\Desktop\FRST.txt
2025-01-22 22:53 - 2025-01-22 22:57 - 000000000 ____D C:\FRST
2025-01-22 22:52 - 2025-01-22 22:53 - 002403328 _____ (Farbar) C:\Users\butle\OneDrive\Desktop\FRST64.exe
2025-01-22 22:49 - 2025-01-22 22:49 - 000000000 ___RD C:\Users\butle\OneDrive\Desktop\Geeks2Go
2025-01-20 22:29 - 2025-01-20 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2025-01-19 17:59 - 2025-01-19 17:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-01-16 18:33 - 2025-01-16 18:33 - 000048583 _____ C:\Users\butle\Downloads\guitarlessonjan152025.zip
2025-01-15 22:28 - 2024-12-04 03:34 - 006662080 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2025-01-15 12:09 - 2025-01-16 18:29 - 000000514 _____ C:\Users\butle\OneDrive\Desktop\Zetland To Do.txt
2025-01-14 23:48 - 2025-01-22 15:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-06 12:10 - 2024-09-24 20:59 - 020221168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2025-01-06 12:10 - 2024-09-24 20:59 - 004466392 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2025-01-06 12:10 - 2024-09-24 20:59 - 001126512 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2025-01-06 12:10 - 2024-09-24 20:59 - 000814320 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2025-01-06 12:10 - 2024-09-24 20:59 - 000429296 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2025-01-06 12:10 - 2024-09-24 20:59 - 000331376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2025-01-05 22:28 - 2025-01-05 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2024-12-29 19:53 - 2024-12-29 19:53 - 000002264 _____ C:\Users\butle\AppData\LocalLow\81d726d76eb1592405d70a3de525bf0cd32d0ce43948827cd8619ca9f53bb534
2024-12-29 01:16 - 2024-12-29 01:16 - 000002264 _____ C:\Users\butle\AppData\LocalLow\823ba6a17db81a8187542cd6d1a71d9bb3ca622bb00d3860e44ba825ca8ab6ee
2024-12-26 22:49 - 2024-12-26 22:58 - 000000000 ____D C:\Users\butle\AppData\Local\BitTorrentHelper
2024-12-26 22:49 - 2024-12-26 22:49 - 000001872 _____ C:\Users\butle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2024-12-26 22:42 - 2024-12-26 22:42 - 000000000 ____D C:\Users\butle\AppData\Roaming\Norton
2024-12-26 22:21 - 2024-12-26 22:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton
2024-12-26 22:21 - 2024-12-26 22:21 - 000316008 _____ (Gen Digital Inc.) C:\WINDOWS\system32\nllBoot.exe
2024-12-26 22:21 - 2024-12-26 22:21 - 000053048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2024-12-26 22:21 - 2024-12-26 22:21 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360.lnk
2024-12-26 22:21 - 2024-12-26 22:21 - 000000000 ____D C:\Program Files\Norton
2024-12-26 22:21 - 2024-12-26 22:21 - 000000000 ____D C:\Program Files\Common Files\Norton
2024-12-26 11:17 - 2024-12-26 22:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-01-22 22:52 - 2024-04-10 10:11 - 000086833 _____ C:\Users\butle\AppData\LocalLow\d9ec534cb2b823c433950a0b29f3bf43af91d7e4baf3bdf47287f351b9b522df
2025-01-22 22:46 - 2024-01-11 12:46 - 000000130 _____ C:\Users\butle\AppData\LocalLow\aae5869fa0bec4d8d27610345766f7ef02e2889cb0620366db786ae3c9e60f86
2025-01-22 22:43 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-22 22:43 - 2024-01-11 12:46 - 000031263 _____ C:\Users\butle\AppData\LocalLow\96b4e09f9d106d02c2df9d25efab0623acb10b2aa352982ff915d2fb958abe41
2025-01-22 19:07 - 2024-12-15 14:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-22 19:07 - 2023-10-06 12:35 - 000000000 ____D C:\Users\butle\AppData\Local\OGH
2025-01-22 17:47 - 2024-01-12 14:48 - 000598598 _____ C:\Users\butle\AppData\LocalLow\5fc18818885154e2f8f5ba65eec1eefad757bab62ecbde0aab33b042f4d9d547
2025-01-22 15:33 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-22 14:23 - 2024-11-24 12:56 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-21 23:51 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-21 23:51 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-20 22:34 - 2024-06-05 12:50 - 000262274 _____ C:\Users\butle\AppData\LocalLow\d7ab55b136db7af61d358961466174c44b88e0abcf74413efc14283cf253191f
2025-01-20 22:34 - 2024-06-05 12:50 - 000000130 _____ C:\Users\butle\AppData\LocalLow\0d8ce0cf35aa7c7d3119ff805ea411913e9063dbbfde48d90472b24757f677cb
2025-01-20 22:29 - 2024-10-30 21:13 - 000000000 ____D C:\Program Files\Zoom
2025-01-19 18:04 - 2023-10-06 22:16 - 000000000 ____D C:\Users\butle\AppData\Roaming\Microsoft\Word
2025-01-19 18:00 - 2024-04-01 00:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-19 18:00 - 2023-10-06 22:06 - 000000000 ____D C:\Program Files\Microsoft Office
2025-01-19 17:18 - 2023-10-05 17:32 - 000000000 ____D C:\Users\butle\AppData\Local\Packages
2025-01-19 17:18 - 2022-11-02 21:35 - 000000000 ____D C:\ProgramData\Packages
2025-01-19 14:03 - 2024-06-05 14:00 - 000225178 _____ C:\Users\butle\AppData\LocalLow\95b0b2480c9a6ca64b48551cac8b5e53ceaf41808ca1ac1375894f173800fe01
2025-01-18 18:22 - 2024-01-18 15:46 - 000000130 _____ C:\Users\butle\AppData\LocalLow\c66ea2d0c43a5ab0f82ad7cad0e5b71023e6a7c78bf47e45c6fedaab1806b45d
2025-01-18 18:21 - 2024-01-18 15:46 - 000021287 _____ C:\Users\butle\AppData\LocalLow\5642129d91fd36633bafcdfcb905f769dd89380fe5f84073508767d36ed1ce04
2025-01-18 14:58 - 2022-11-02 21:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-17 23:38 - 2023-10-06 22:18 - 000000000 ____D C:\Users\butle\AppData\Roaming\Microsoft\Excel
2025-01-16 20:36 - 2023-11-05 14:34 - 000000000 ____D C:\Users\butle\AppData\Roaming\Canva
2025-01-16 18:35 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-16 18:15 - 2024-01-11 03:15 - 000245341 _____ C:\Users\butle\AppData\LocalLow\4a78f3e5c6247c6a4890f4e462e1f041286224a63c30ac8cbb70097e25a504bc
2025-01-16 12:16 - 2024-04-01 00:24 - 000000000 ____D C:\WINDOWS\INF
2025-01-16 12:15 - 2024-01-12 14:48 - 000000130 _____ C:\Users\butle\AppData\LocalLow\9561ed9a0b78144747fa26e4c4fd2a49defb5e38fac37da7863fcf98aeb7cb48
2025-01-16 05:32 - 2024-01-11 03:31 - 000016811 _____ C:\Users\butle\AppData\LocalLow\ef54eddb2ded8674d924a92863f229125f4b7962e4f7fe0c46c7682970b66a1d
2025-01-16 05:30 - 2024-12-15 14:29 - 000842280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-16 03:45 - 2024-12-15 14:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-16 03:45 - 2024-12-15 14:25 - 000001460 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-01-16 03:45 - 2024-12-15 14:24 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-16 03:45 - 2024-04-01 00:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-01-16 03:45 - 2023-10-08 02:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-16 03:45 - 2023-10-06 09:20 - 000000000 ____D C:\ProgramData\Norton
2025-01-16 03:45 - 2023-10-05 17:45 - 000000000 ___RD C:\Users\butle\OneDrive
2025-01-16 03:45 - 2023-07-07 12:13 - 000000000 ____D C:\Program Files\HP
2025-01-16 03:45 - 2022-11-02 21:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-15 20:09 - 2024-12-15 14:28 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3839441441-1830215674-2231628907-1001
2025-01-15 20:09 - 2024-12-15 14:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-15 20:09 - 2023-10-06 22:11 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-15 13:59 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-15 13:43 - 2024-12-15 14:24 - 000493512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 13:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-15 11:21 - 2024-06-05 14:00 - 000000026 _____ C:\Users\butle\AppData\LocalLow\37946076e56186c3488739aed986e139d4728855a68844f32e036f83e51e8c36
2025-01-15 02:44 - 2023-10-06 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-14 21:40 - 2023-10-06 12:34 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-14 13:21 - 2023-10-06 09:47 - 000000000 ____D C:\Users\butle\AppData\Local\CrashDumps
2025-01-08 17:53 - 2023-10-05 17:43 - 000000000 ____D C:\Users\butle\AppData\Local\D3DSCache
2025-01-08 17:51 - 2023-09-05 22:10 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-01-08 14:42 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-02 16:25 - 2023-10-06 10:37 - 000004321 _____ C:\Users\butle\OneDrive\Desktop\Contact info.txt
2025-01-02 10:45 - 2024-01-11 03:31 - 000000026 _____ C:\Users\butle\AppData\LocalLow\236b4e3e9d3b30821e20fc1082b4627565dab061dbbb2f3b0c8c5c34c1c75fee
2025-01-02 01:37 - 2023-10-06 10:36 - 000000000 ____D C:\Users\butle\OneDrive\Desktop\Zetland
2024-12-30 22:03 - 2024-02-08 00:33 - 000005621 _____ C:\Users\butle\AppData\LocalLow\6c64d65d9da3abefa1a4d301a5579aa93c644fe96aaeb293e658ff5b441ffcc7
2024-12-29 12:10 - 2024-01-11 00:45 - 000002264 _____ C:\Users\butle\AppData\LocalLow\ab43ebc6fba7691c182de163f369d401a06a2d0e629b0dbcc8c2932757ecda52
2024-12-29 11:19 - 2024-01-13 14:28 - 000002264 _____ C:\Users\butle\AppData\LocalLow\293c28e268efa354785bbc8c09f9046cd78c0292ce35b91aeffb605b8364ac12
2024-12-29 01:17 - 2024-12-15 14:28 - 000004274 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent
2024-12-29 01:17 - 2024-12-15 14:28 - 000004216 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent
2024-12-29 01:17 - 2024-12-15 14:28 - 000003872 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor
2024-12-29 01:17 - 2024-12-15 14:28 - 000003814 _____ C:\WINDOWS\system32\Tasks\OmenOverlay
2024-12-29 01:16 - 2024-01-30 01:30 - 000012335 _____ C:\Users\butle\AppData\LocalLow\1dc6c00a8ccb1ba456966b5f470493e9b53380f303883ce5012e6c64eb5a9a36
2024-12-29 01:16 - 2024-01-30 01:30 - 000000026 _____ C:\Users\butle\AppData\LocalLow\943971334c50f0517bdc61808505f922998cecb5c10254d7b37090a176a26d61
2024-12-29 01:16 - 2024-01-11 00:34 - 000006740 _____ C:\Users\butle\AppData\LocalLow\16d253a824dd932f7254a75238749bf1ac7ebfd4727516d4bcdcf9f798579f9c
2024-12-29 01:15 - 2024-12-15 14:28 - 000004252 _____ C:\WINDOWS\system32\Tasks\SystemOptimizerCustomEvent
2024-12-29 01:15 - 2024-12-15 14:28 - 000003850 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer
2024-12-29 01:15 - 2024-12-15 14:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2024-12-29 01:15 - 2024-04-10 10:11 - 000000026 _____ C:\Users\butle\AppData\LocalLow\6d7c2a7b445f7857f49fc3983f8d03f9864b9f42ad3aef83d8710cdc776beb38
2024-12-29 01:15 - 2024-01-11 03:15 - 000002264 _____ C:\Users\butle\AppData\LocalLow\388432ce7fee1a113d46753a964a15dfff163693c0c044b0e8fdc62e2169a3c1
2024-12-29 01:15 - 2024-01-11 03:15 - 000000026 _____ C:\Users\butle\AppData\LocalLow\10a4dca5d4e4c061e5be589b05c7453a289bc5897d5dfde751f9ade306a1ddcc
2024-12-28 20:52 - 2023-10-05 18:01 - 000000000 ____D C:\Users\butle\AppData\Local\HP
2024-12-26 22:45 - 2023-10-06 09:20 - 000000000 ____D C:\ProgramData\NortonInstaller
2024-12-26 22:45 - 2023-10-06 09:20 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2024-12-26 22:44 - 2024-04-01 00:21 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2024-12-26 22:43 - 2023-10-17 04:26 - 000000000 ____D C:\Users\butle\AppData\Local\Norton
2024-12-26 22:21 - 2024-04-01 00:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-12-26 14:43 - 2024-12-15 11:14 - 000000000 ___DC C:\WINDOWS\Panther
2024-12-26 03:01 - 2024-05-08 21:46 - 000000000 ____D C:\Users\butle\AppData\LocalLow\Norton
 
==================== Files in the root of some directories ========
 
2023-10-10 20:11 - 2023-10-10 20:11 - 000007605 _____ () C:\Users\butle\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


#4
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Triskelion, you clicked on Scan instead of FIX.

Please read my instructions carefully again and go on to apply the fix.



#5
Triskelion

    Member

  • Topic Starter
  • 673 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by butle (25-01-2025 16:14:53) Run:1
Running from C:\Users\butle\OneDrive\Desktop
Loaded Profiles: butle
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\StartupApproved\Run: => "utweb"
FirewallRules: [{6BDAEDF2-C3E6-469C-A666-6487E14A17DB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{2BB98220-638C-4258-A56A-FC89731E3055}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{07D1D086-7426-4AF7-81B1-8330D500BDD1}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{7B45ED6B-A3D5-4EF3-B9A8-3F83BF3559ED}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{D75D1316-D8D8-47EB-8828-5CAA177AC7E9}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{D7F8FF32-1FA7-4D72-BECC-4A3B556FC76D}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{79EA017D-F075-4E1A-970C-2B810ACF81E2}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{302BDD81-B84B-4047-94C4-83ED8A33EF98}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{904B6ACA-0603-4B39-82D1-7C8A7B84A573}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8F52D580-9F3D-40F7-8624-B6C8A6B8C541}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{8EA61204-873C-4DE7-8303-8A5669B33701}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{0A947E77-41EB-4E3C-8C5A-8C0D9BF5D534}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\Run: [utweb] => "C:\Users\butle\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
2024-12-26 22:49 - 2024-12-26 22:58 - 000000000 ____D C:\Users\butle\AppData\Local\BitTorrentHelper
2024-12-26 22:49 - 2024-12-26 22:49 - 000001872 _____ C:\Users\butle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
EmptyTemp:
End::
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\utweb" => removed successfully
"HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\utweb" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6BDAEDF2-C3E6-469C-A666-6487E14A17DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BB98220-638C-4258-A56A-FC89731E3055}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07D1D086-7426-4AF7-81B1-8330D500BDD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B45ED6B-A3D5-4EF3-B9A8-3F83BF3559ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D75D1316-D8D8-47EB-8828-5CAA177AC7E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7F8FF32-1FA7-4D72-BECC-4A3B556FC76D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79EA017D-F075-4E1A-970C-2B810ACF81E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{302BDD81-B84B-4047-94C4-83ED8A33EF98}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{904B6ACA-0603-4B39-82D1-7C8A7B84A573}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F52D580-9F3D-40F7-8624-B6C8A6B8C541}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8EA61204-873C-4DE7-8303-8A5669B33701}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A947E77-41EB-4E3C-8C5A-8C0D9BF5D534}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"Edge DefaultSearchURL" => removed successfully
"Edge DefaultSuggestURL" => removed successfully
 
"C:\Users\butle\AppData\Local\BitTorrentHelper" Folder move:
 
C:\Users\butle\AppData\Local\BitTorrentHelper => moved successfully
C:\Users\butle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk => moved successfully
 
=========== EmptyTemp: ==========
 
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52959798 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 13916710 B
Edge => 0 B
Chrome => 824997 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 262798 B
systemprofile32 => 262798 B
LocalService => 309356 B
NetworkService => 310526 B
butle => 92312382 B
 
RecycleBin => 3741316872 B
EmptyTemp: => 3.6 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 16:15:28 ====


#6
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Thank you.

Let's do some more checks:


1. Run Malwarebytes (scan only)

  • Download Malwarebytes and save it to your Desktop.
  • Once downloaded, close all programs and Windows on your computer.
  • Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
  • Follow the instructions to install the program.
  • When finished, double click the program's icon created on your Desktop.
  • Click the little gear on the top right (Settings) and when it opens, click the General tab. Under the title Windows Security Center, make sure the option is disabled.
  • Click the Scan and Detections tab and under the Scan options title, enable Scan for rootkits option. Do not change any other option.
  • Return to the Dashboard and choose Scan.
  • When finished, you will see the Threat Scan Summary window open.
  • If threats are not found, click View Report and proceed to the two last steps below.

    If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
    • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
    • Find the report with the most recent date and double click on it.
    • Click on Export and then Copy to Clipboard.
    • Paste its content here, in your next reply.

2. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click the Scan Now button.
  • Once the scan completes, AdwCleaner shows you all detected PUPs and adware. DO NOT check anything found, and click Next.
  • If any preinstalled software was detected on your device, a message notifies you that your action is requested. DO NOT check anything, and click Cancel to continue.
  • Click the Log Files tab.
  • Double click on the latest scan log. (Scan logs have a [S0*] suffix, where * is replaced by a number; the latest scan will have the largest number.)
  • A Notepad file will open containing the results of the removal.
  • Please post the contents of the file in your next reply.

Note: Click Skip Basic Repair if you are asked to.

 

 

 

In your next reply, please post:

  • The AdwCleaner[S0*].txt
  • The Malwarebytes report

#7
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Just letting you know that my time zone is UTC+2. Considering that, it's now 22:10. See you tomorrow.


#8
Triskelion

    Member

  • Topic Starter
  • Member
  • 673 posts

Hello Grecian, thanks for all your help.

Sorry about posting the wrong log file before... I actually followed your steps the first time, I just copied the wrong log file.. My bad.

 

Here is the ADW Log:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-26-2025
# Duration: 00:00:09
# OS:       Windows 11 (Build 26100.2894)
# Scanned:  32103
# Detected: 33
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.Legacy             C:\ProgramData\Tencent
PUP.Optional.Legacy             C:\Users\butle\AppData\Local\Tencent
PUP.Optional.Legacy             C:\Users\butle\AppData\Roaming\Tencent
 
***** [ Files ] *****
 
PUP.Optional.Booking            C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy             HKLM\Software\Classes\METNSD
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.HPCleanFLC   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher 
Preinstalled.HPCleanFLC   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher 
Preinstalled.HPCleanFLC   Registry   HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher 
Preinstalled.HPCleanFLC   Registry   HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher 
Preinstalled.HPCleanFLC   Registry   HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher 
Preinstalled.HPCleanFLC   Registry   HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher 
Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE 
Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT 
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\butle\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY 
Preinstalled.HPSureConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} 
Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT 
Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} 
Preinstalled.WildTangentGamesBundle   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games.lnk 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\APP 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\SHORTCUTPROVIDER 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80831F60-19D7-43B3-A60C-5CAF8C478DF6} 
Preinstalled.WildTangentGamesBundle   Registry   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 
Malwarebytes Scan Log:
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2025-01-26
Scan Time: 12:57 PM
Log File: d2c9cdbc-dc1f-11ef-98ec-14ac60803026.json
 
-Software Information-
Version: 5.2.5.158
Components Version: 1.0.5135
Update Package Version: 1.0.95024
License: Trial
 
-System Information-
OS: Windows 11 (Build 26100.2894)
CPU: x64
File System: NTFS
User: JsButler\butle
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 209622
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 2 min, 38 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 2
PUP.Optional.Booking, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\BOOKING.COM.LNK, No Action By User, 3011, 347183, 1.0.95024, , ame, , 51BBCC3A65C07C0F40A0619E591B89E0, 4ACA15CAA54E475ECE35DDB6CAB1F6D6A04AC86330241F0FF37E677A6846F41E
PUP.Optional.BundleInstaller, C:\USERS\BUTLE\DOWNLOADS\ANDY_47.260_1096_26_X64.EXE, No Action By User, 48, 947187, 1.0.95024, , ame, , 00F93A78B4E447C8D80E588878B8D99E, 270453AADA7A064E133890794E84270599723B3BFA0121104ABDAD1A79A13B7B
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

 


#9
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Hello. No problem about the wrong log. I see we have things to clean here.


1. AdwCleaner (Clean mode)

This tool detected the following:
 

PUP.Optional.Legacy             C:\ProgramData\Tencent
PUP.Optional.Legacy             C:\Users\butle\AppData\Local\Tencent
PUP.Optional.Legacy             C:\Users\butle\AppData\Roaming\Tencent
PUP.Optional.Booking            C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
PUP.Optional.Legacy             HKLM\Software\Classes\METNSD

 

Not sure why Booking is included, but I would recommend that you remove it, along with the other items, and at the end of this procedure we can consider what to do with it.

As to the other detections, those are related to preinstalled software. Personally, I remove anything I don't need/use. But this is completely your decision.

To proceed, please do the following:

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • Once the scan completes, AdwCleaner shows you what it found on your computer. Check the boxes next to any items you want to quarantine and disable, then click Next.
  • Now, AdwCleaner will show you any preinstalled software it found on your device. Again, check the boxes next to any items you want to quarantine and disable. If you don't want to remove any preinstalled software, click Cancel and continue.
  • Click Continue, then click Restart now, and you’re done.
  • Once your computer has restarted:
    • Click the Log Files tab.
    • Click Skip Basic Repair to finish the cleaning process
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.
    • Please post the contents of the file in your next reply.

2. Malwarebytes (Clean mode)

Run Malwarebytes as you did before, but this time, when the threats are found:

  • Make sure that all threats are selected, and click on Quarantine/Remove selected.
  • You may need to restart the computer.
  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

 

 

In your next reply please post:

  • The AdwCleaner[C0*].txt
  • The Malwarebytes report
  • Feedback: How is the computer running now? Any improvement with the initial issue?

 

P.S. See you tomorrow, my time. :) 


#10
Triskelion

    Member

  • Topic Starter
  • Member
  • 673 posts

Hello. Things seem to be progressing. I have noticed reduced lagging and the laptop seems to be running smoother.

We must be on the right track!!!

 

ADW Clean Log:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-10-23.4 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-26-2025
# Duration: 00:00:03
# OS:       Windows 11 (Build 26100.2894)
# Cleaned:  5
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\butle\AppData\Local\Tencent
Deleted       C:\Users\butle\AppData\Roaming\Tencent
 
***** [ Files ] *****
 
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKLM\Software\Classes\METNSD
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [5175 octets] - [26/01/2025 13:06:13]
AdwCleaner[S01].txt - [5236 octets] - [26/01/2025 13:47:22]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
 
Malwarebytes Clean Log:
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2025-01-26
Scan Time: 2:04 PM
Log File: 1a805cee-dc29-11ef-b9ba-14ac60803026.json
 
-Software Information-
Version: 5.2.5.158
Components Version: 1.0.5135
Update Package Version: 1.0.95024
License: Trial
 
-System Information-
OS: Windows 11 (Build 26100.2894)
CPU: x64
File System: NTFS
User: JsButler\butle
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 209598
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 1 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 1
PUP.Optional.BundleInstaller, C:\USERS\BUTLE\DOWNLOADS\ANDY_47.260_1096_26_X64.EXE, Quarantined, 48, 947187, 1.0.95024, , ame, , 00F93A78B4E447C8D80E588878B8D99E, 270453AADA7A064E133890794E84270599723B3BFA0121104ABDAD1A79A13B7B
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

 


  • 0
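The check done by eye across the last two posts (every item flagged in the scan-mode logs should show up as handled in the clean-mode logs) can be scripted. This is an added example, not part of the original thread and not Malwarebytes code; the function names are hypothetical, the sample strings are constructed excerpts of the logs posted above, and the line layouts are assumed from those logs.

```python
import re

# Constructed sample input: abbreviated excerpts of the AdwCleaner scan/clean logs
# and the first fields of the Malwarebytes detection rows posted in this thread.
ADW_SCAN = r"""***** [ Folders ] *****
PUP.Optional.Legacy             C:\ProgramData\Tencent
PUP.Optional.Legacy             C:\Users\butle\AppData\Local\Tencent
***** [ Files ] *****
PUP.Optional.Booking            C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
***** [ Registry ] *****
PUP.Optional.Legacy             HKLM\Software\Classes\METNSD
***** [ Preinstalled Software ] *****
Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY
"""
ADW_CLEAN = r"""***** [ Folders ] *****
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\butle\AppData\Local\Tencent
***** [ Files ] *****
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
***** [ Registry ] *****
Deleted       HKLM\Software\Classes\METNSD
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
"""
MB_SCAN = [
    r"PUP.Optional.Booking, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\BOOKING.COM.LNK, No Action By User, 3011",
    r"PUP.Optional.BundleInstaller, C:\USERS\BUTLE\DOWNLOADS\ANDY_47.260_1096_26_X64.EXE, No Action By User, 48",
]
MB_CLEAN = [r"PUP.Optional.BundleInstaller, C:\USERS\BUTLE\DOWNLOADS\ANDY_47.260_1096_26_X64.EXE, Quarantined, 48"]

SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
# label, 2+ spaces, optional object type (preinstalled entries), then the target
ENTRY = re.compile(r"^(\S+)\s{2,}(?:(?:Registry|Folder|File)\s{2,})?(.+?)\s*$")

def parse_adwcleaner(text):
    """Return {section: [(label, target), ...]} for a scan- or clean-mode log."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
            continue
        m = ENTRY.match(line)  # "No malicious ... found." lines do not match
        if current and m:
            sections[current].append((m.group(1), m.group(2)))
    return sections

def unresolved(scan, clean, skip=("Preinstalled Software",)):
    """Scan-mode detections with no matching 'Deleted' line in the clean log."""
    deleted = {t.lower() for items in clean.values()
               for label, t in items if label == "Deleted"}
    return [(sec, name, t) for sec, items in scan.items() if sec not in skip
            for name, t in items if t.lower() not in deleted]

def mb_pending(report_lines):
    """Malwarebytes rows (name, path, action, ...) whose action is not 'Quarantined'."""
    rows = [[f.strip() for f in line.split(",")] for line in report_lines]
    return [(r[0], r[1]) for r in rows if len(r) >= 3 and r[2] != "Quarantined"]

if __name__ == "__main__":
    scan, clean = parse_adwcleaner(ADW_SCAN), parse_adwcleaner(ADW_CLEAN)
    print("AdwCleaner items still present:", unresolved(scan, clean))
    print("Malwarebytes items not quarantined:", mb_pending(MB_CLEAN))
```

The preinstalled-software section is skipped by default because removing those items was left to the user's choice; pass `skip=()` to include it.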

#11
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Hi, Triskelion.
 

Hello. Things seem to be progressing. I have noticed reduced lagging and the laptop seems to be running smoother.
 
We must be on the right track!!!

 
Can you please describe what is bothering you with the system right now? 
 
I would also like to see fresh FRST logs.

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach these two logs in your next reply.

(To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File)


#12
Triskelion

    Member

  • Topic Starter
  • Member
  • 673 posts

Hello Grecian.

I don't think I have any complaints right now. I don't see the lagging or delays that I was seeing before, especially in Facebook media, like videos and such.

I'm just continuing to follow your steps until you don't see any problems and think that we are in the clear.

 

I have tried to attach the two logs as you requested... but it isn't allowing it.
I hit "Choose File" and select the file from my desktop.
Then I hit "Attach This File" and it says "No file was selected for upload".
 
Suggestions?

#13
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts
OK, you can copy/paste them as you did before, and I will attach them for you.
#14
Triskelion

    Member

  • Topic Starter
  • Member
  • 673 posts

Hi Grecian,

 

I tried again this morning and was now able to attach them for you.

 

Cheers!

#15
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Hi, Triskelion. 
 
The logs are clean.
 
One thing I noticed is that the following entries, which we removed before, have reappeared, and that's because of Norton. FYI, Ask.com is considered a browser hijacker when it is installed or replaces the search page without the user's permission. In your case, however, this doesn't apply, since it is part of Norton. So, we will leave them there.
 
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}

 
Let's do some maintenance now. 

 
1. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste it anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3839441441-1830215674-2231628907-1001\...\RunOnce: [OGH_Reboot_Required] => [X]
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
End::
  • Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Post the log in your next reply.

 

2. Check disk

  • Click on the Start button and in the search box, type Command Prompt.
  • When you see Command Prompt on the list, right-click on it and select Run as administrator.
  • Enter the command below, press Enter, and wait for it to finish (~15 minutes).
       chkdsk C: /r
    
  • You will receive a message that the operation cannot be performed while the system is in use, asking if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
  • The process will take some time, depending on the disk condition.
  • Download ListChkdskResult by SleepyDude and save it on your Desktop.
  • Double click on the created icon.
  • A notepad file will open. Copy its content and paste it in your next reply.

 

 

In your next reply please post:

  1. The fixlog.txt
  2. The result of chkdsk command
