Chrome and Edge browser pages load slowly and/or time out

#1
alan blueh0le

Both my Chrome and my Edge browsers on my Dell laptop are so slow that they are almost unusable. On the rare occasion a page loads, usually not all of the images load. I use Avast and it has not detected any malware, virus, or spyware. My other Dell laptop on the same network loads everything fine, and because my browsers are synced, it's all the same extensions, etc. I changed networks to a hotspot from my phone with no difference. A Dell rep spent three hours last night with remote desktop and reset the browsers with no effect. Then they reset Windows: no change. Please help.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by micro (administrator) on ACV-LPTP (Dell Inc. Inspiron 15 3520) (12-04-2025 15:15:36)
Running from C:\Users\micro\OneDrive\Desktop\FRST64.exe
Loaded Profiles: micro
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DellOptimizer\Dell.Optimizer.DthProxy\Dell.Optimizer.DthProxy.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DellOptimizer\DellOptimizer.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Console\Dell.UCA.Systray.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Manager\Dell.UCA.Manager.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> TitanCoreSubAgent) C:\Program Files\Dell\MyDell\Components\MyDellCoreSubAgent\TitanCoreSubAgent.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_helper.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_8edcf6be1c4ddd78\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d0ba3dc7378fedf6\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cde08185192dc86d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_de4d8dbdd2d25cdd\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe
(services.exe ->) (McAfee Canada ULC -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks, LLC.) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_f9892edce6f065fd\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_f9892edce6f065fd\WavesSysSvc64.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(Slack Technologies, LLC -> Slack Technologies Inc.) C:\Users\micro\AppData\Local\slack\app-4.43.51\slack.exe <7>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (DELL) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_f9892edce6f065fd\WavesSvc64.exe [5514984 2024-01-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [6928680 2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2756368 2023-08-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [FastFoto] => C:\Program Files (x86)\Epson Software\FastFoto\FastFoto.exe [3392792 2023-10-24] (SEIKO EPSON CORPORATION -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131432 2025-01-23] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-03-26] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-03-26] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-03-26] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [HP OfficeJet Pro 7740 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\ScanToPCActivationApp.exe [3770528 2022-02-17] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\micro\AppData\Local\MightyText\Update.exe [1849568 2022-10-29] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [AvastBrowserAutoLaunch_550A4FC8C39E949BCE0BBD776DA5CD4A] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3738496 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12307864 2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [MicrosoftEdgeAutoLaunch_9B827EC21065CBA858A185C60A702E62] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4418112 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\micro\AppData\Local\slack\slack.exe [307504 2025-04-04] (Slack Technologies, LLC -> Slack Technologies Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-03-26] (Google LLC -> Google LLC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2024-01-13] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.85\Installer\chrmstp.exe [2025-04-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\133.0.29113.143\Installer\chrmstp.exe [2025-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3732040D-3140-47C6-8F16-66F4D680AB1C} - \McAfee\WPS\systemrebootedtask -> No File <==== ATTENTION
Task: {75DDA8DE-5DF3-4BF3-B9D1-5F4DB7D2350C} - \McAfee\WPS\amwebapitriggertask -> No File <==== ATTENTION
Task: {8E56B584-D46D-4EA0-B72A-CF67133B91AE} - \McAfee\WPS\NGMCadence -> No File <==== ATTENTION
Task: {8F6C988D-850B-4BB9-8B3C-E26E2E88A7C3} - \McAfee\WPS\mcpcoscanner -> No File <==== ATTENTION
Task: {95D7B51E-827C-46BF-9E12-5F7B5350A6ED} - \McAfee\WPS\tracker_remover -> No File <==== ATTENTION
Task: {CAC38FE4-5492-49CD-B889-B6B271C2C420} - \McAfee\WPS\datupdatetask -> No File <==== ATTENTION
Task: {D62344A1-C1DE-4A90-91D5-43FBD173DC10} - \McAfee\WPS\odsscheduledtask -> No File <==== ATTENTION
Task: {FB035BD9-5472-4EE1-A6F0-71EA5C685C9F} - \McAfee\WPS\AntiTrackerTask -> No File <==== ATTENTION
Task: {264760FA-3DE9-4894-A5CD-E3BD6B799E76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-19] (Adobe Inc. -> Adobe Inc.)
Task: {A6C3E073-C484-4156-936B-70755A7D64D3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3738496 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {72038D13-A7BE-4510-984C-0966DA0E8DAB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3738496 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {98AF0C58-185B-49B7-97EA-8E61E0B6AECD} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8594216 2025-03-27] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {99600ED5-1419-4AD1-8FD1-C2E03B9BA807} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [6079272 2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (the data entry has 53 more characters).
Task: {AF0FD685-D347-4840-9104-2DCD7D2A85A9} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8594216 2025-03-31] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {789957D1-537A-46F7-906A-BA2DF7375298} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5293864 2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {6DFC0C40-8FC5-413F-A344-1E5DA7169175} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {4A54A97B-80DB-412F-8E70-5BC94C06346E} - System32\Tasks\AvastBrowserProtectS-1-5-21-4028688911-4248998318-3670724698-1001 => C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2024-08-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {22295EA2-1DA2-4F60-B7B7-3E57A584962C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {AC1CD83C-18E6-40CC-AF0E-D95A236DFACF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {126A2BD8-D226-4709-BADB-15B3A56275D3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [1254728 2025-01-13] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {F0A932A3-1023-4923-B9DA-967AB4E9CD63} - System32\Tasks\EPSON FF-680W Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2021-10-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {A4111CDB-233F-46DA-90B0-CB80B39A5DBA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{0DEC8686-384E-4F52-86B0-E61E2D608C3B} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {60123EB5-998E-4C0B-9FE3-24DCF581EE55} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-07] (HP Inc. -> HP Inc.)
Task: {06301384-94A2-4E0C-8CB6-26139304327F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-07] (HP Inc. -> HP Inc.)
Task: {9F572A23-D76D-4E3D-885C-BAE48FA551E2} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2024-12-05] (Adobe Inc. -> Adobe Inc.)
Task: {0822CC6D-DD82-4FD1-A8C6-491A6B18F9D3} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315512 2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1663ADD-48E2-4499-BC57-10EAFAAE9F55} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315512 2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {66DB2DDA-811E-48C7-B025-69A8103E5459} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29106392 2025-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EF46844-3F3B-4861-AF23-99DF1073DA38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29106392 2025-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF89FAF4-A291-4629-A324-65AEB119B91C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315512 2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {658328EE-9C2D-4DF4-AC0A-9EC7D1708964} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315512 2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2668531-151E-4639-8447-7095FDFA2D41} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [204400 2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E5A4A5D-3314-4361-96C0-F62AFCB61003} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4536688 2025-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {21E3DB3A-9441-4E77-9D3C-EAFB26B25C87} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {8723600B-CA9D-4616-A42B-B8BC5A2AE491} - System32\Tasks\MyDell.Updater => C:\Program Files\Dell\MyDell\Updater\MyDell.Updater.exe [433584 2024-07-17] (Dell Technologies Inc. -> Dell Technologies, Inc.)
Task: {C386FC10-A947-43C7-8043-DA3485FB7602} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [87040 2022-07-28] (DELL) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\EPSON FF-680W Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe0/EXE_S:EPSON FF-680W,ES0170.DAT /F:UpdateACV-LPTP\microĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{8e5570af-b372-484d-87df-061025072b33}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8e5570af-b372-484d-87df-061025072b33}: [DhcpNameServer] 192.168.9.169
Tcpip\..\Interfaces\{8e5570af-b372-484d-87df-061025072b33}\A59607C697D244732303: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8e5570af-b372-484d-87df-061025072b33}\A59607C697D244732303: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{8e5570af-b372-484d-87df-061025072b33}\A59607C697D244732303: [DhcpDomain] home
Tcpip\..\Interfaces\{f57a5ccf-d396-4027-a641-a81d31a9c81f}: [NameServer] 172.17.3.1
Tcpip\..\Interfaces\{f87bab0c-425d-4a57-a692-a943ae42d498}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{f87bab0c-425d-4a57-a692-a943ae42d498}: [DhcpDomain] home
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-12]
Edge Extension: (Google Translate) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-09]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Send to Kindle for Google Chrome™) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Eno® from Capital One®) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2025-04-07]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Mailto: for Gmail™) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2024-08-05]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (User-Agent Switcher for Chrome) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2024-06-06]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2025-03-05]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Session Buddy) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2025-03-12]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Disable HTML5 Autoplay) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\efdhoaajjjgckpbkoglidkeendpkolai [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (BookWithMatrix) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\enpgegaockimafpdjomphligajfkcaeo [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (HTTPS Everywhere) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fchjpkplmbeeeaaogdbhjbgbknjobohb [2024-01-26]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2025-04-10]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Avast Online Security & Privacy) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2025-03-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Google Docs Offline) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-04]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-04-10]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Awesome Screen Recorder & Screenshot) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpmljinohlbfgmeoaeceoajachkabijo [2025-04-04]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Voice Search) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (GME to the moon) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hnmnjoeblnfcgfoongbfjfedjmmodamd [2024-02-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Bitly | Short links and QR Codes) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Start!) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iniabgbbmccaomaocmhcfioahgipigbh [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Send to Kindle (by Klip.me)) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2024-01-26]hxxp://clients2.google.com/service/update2/crx
Edge Extension: (Save to Pocket) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2024-01-26]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (View Image Info (properties)) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jldjjifbpipdmligefcogandjojpdagn [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Capital One Shopping: Save Now) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2025-03-11]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (StayFocusd - Block Distracting Websites & Web Analytics) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2024-12-18]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Keeper® Password Manager & Digital Vault) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lfochlioelphaglamdcakfjemolpichk [2025-03-05]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Reader Mode) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llimhhconnjiflfimocjggfjdlmlhblm [2025-04-10]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (HTML5 Audio Description (via screenreader)) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mipjggdmdaagfmpnomakdcgchdcgfbdg [2024-01-26]hxxp://clients2.google.com/service/update2/crx
Edge Extension: (Keeper® Password Manager & Digital Vault) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpfckamfocjknfipmpjdkkebpnieooca [2025-03-06]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Legrooms+ for Google Flights) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nhonfddkgankhjilponlbdccpabaaknp [2025-03-13]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Authenticator: 2FA Client) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocglkepbibnalbgmbachknglpdipeoio [2024-08-28]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (EBSCOhost Passport ™) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ogcopdaeipjphchggpacpamopkdehdgg [2024-04-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (ColorPick Eyedropper) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2024-01-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (TunnelBear VPN) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2024-02-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Send from Gmail (by Google)) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2024-06-05]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (AirReview: Airbnb Investment & Hosting Tools) - C:\Users\micro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plkdnpjpnhhnmigmekaocdfokkmebdnm [2025-04-11]hxxps://clients2.google.com/service/update2/crx
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2025-01-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2025-01-23] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default [2025-04-12]
CHR DownloadDir: C:\Users\micro\OneDrive\Desktop
CHR Extension: (Google Translate) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MindMeister) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Keeper® Password Manager & Digital Vault) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfogiafebfohielmmehodmfbbebbbpei [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Authenticator) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-09-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Downloadyze — A Multi Page Downloader) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmadppkfhoofholcdndbcodfomajacf [2024-12-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (HelloFax) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-04-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Spotify - Music for every moment) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Mailto: for Gmail™) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2024-08-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2024-06-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Session Buddy) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2025-03-17]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (BookWithMatrix) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpgegaockimafpdjomphligajfkcaeo [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Avast Online Security & Privacy) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2025-03-30]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Voice Search) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (GME to the moon) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmnjoeblnfcgfoongbfjfedjmmodamd [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (View Image Info (properties)) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldjjifbpipdmligefcogandjojpdagn [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Points Path) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblbdlhoeakihpcaimpdjnfkjffnhhej [2025-04-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Zoom Chrome Extension) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Until AM Web App) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (StayFocusd - Block Distracting Websites & Web Analytics) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2024-12-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (All-in-One Messenger) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lainlkmlgipednloilifbppmhdocjbda [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Reader Mode) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\llimhhconnjiflfimocjggfjdlmlhblm [2025-04-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-04-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Capital One Shopping: Save Now) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2025-03-30]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Legrooms+ for Google Flights) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhonfddkgankhjilponlbdccpabaaknp [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Save to Pocket) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Awesome Screen Recorder & Screenshot) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2025-04-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (EBSCOhost Passport ™) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcopdaeipjphchggpacpamopkdehdgg [2024-04-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ColorPick Eyedropper) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2024-01-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Cometdocs PDF Converter) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\olgfoomjdkeijllelookodfgiogbdoch [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Psykopaint) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2024-02-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Send from Gmail (by Google)) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2024-06-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (AirReview: Airbnb Investment & Hosting Tools) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkdnpjpnhhnmigmekaocdfokkmebdnm [2025-04-11]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-04-12]
CHR Profile: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-12]
CHR Notifications: Profile 1 -> hxxps://calendar.google.com; hxxps://libraryh3lp.com
CHR Extension: (Keeper® Password Manager & Digital Vault) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfogiafebfohielmmehodmfbbebbbpei [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-08]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-27]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-04-12]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\micro\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-04]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\micro\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-12]
CHR HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-19] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944040 2025-01-23] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7500072 2025-04-09] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [807208 2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2478376 2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [859432 2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-09-14] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\133.0.29113.143\elevation_service.exe [2207056 2025-03-23] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [19304744 2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13860056 2025-04-01] (Microsoft Corporation -> Microsoft Corporation)
S4 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [459456 2024-11-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [153792 2024-11-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481984 2024-11-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22240 2024-09-26] (Dell Technologies Inc. -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-14] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153304 2024-12-04] (Dell Technologies Inc. -> Dell)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_8edcf6be1c4ddd78\ipfsvc.exe [562040 2024-11-19] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2021-10-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-07] (HP Inc. -> HP Inc.)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-11-19] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe [530520 2023-10-18] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe [3102808 2024-11-19] (Intel Corporation -> Intel Corporation)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed]
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed]
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1623552 2022-07-28] (Rivet Networks) [File not signed]
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2381824 2022-07-28] (Rivet Networks) [File not signed]
S4 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [149832 2025-01-13] (Dell Technologies Inc. -> Dell Inc.)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [140416 2025-01-15] (McAfee Canada ULC -> TunnelBear)
R2 WavesAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_f9892edce6f065fd\WavesAudioService.exe [161000 2024-01-19] (Waves Inc -> Waves Audio Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\micro\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [248376 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [393272 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296528 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84560 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [37944 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [282680 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553528 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98872 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69688 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [942672 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1427512 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [207440 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [391760 2025-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 Cirrus_HDAudio; C:\WINDOWS\System32\DriverStore\FileRepository\cshda2.inf_amd64_af8529f1b3e31508\CSHDA2.sys [304200 2024-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Cirrus Logic, Inc)
R3 cshsbc; C:\WINDOWS\System32\drivers\cshsbc.sys [224640 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Cirrus Logic Inc.)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [35896 2024-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [139488 2021-08-19] (GENESYS LOGIC, INC. -> Genesys Logic)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1606816 2023-07-24] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_bc398e7169495415\IntcUSB.sys [922712 2023-10-18] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-23] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_ca5ac87d28341730\ipf_acpi.sys [89688 2024-11-19] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_cpu.sys [89688 2024-11-19] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_lf.sys [504920 2024-11-19] (Intel Corporation -> Intel Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144840 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 polarbear-split-tunneling; C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys [29176 2025-01-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 PRI-Driver; C:\WINDOWS\System32\DriverStore\FileRepository\socthermalprovider_sw.inf_amd64_d8d2967b40ed3b12\Intel® PRI Driver\PRI-Driver.sys [297080 2024-11-04] (Intel Corporation -> Intel Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [167080 2022-07-28] (Intel Corporation -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2024-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-11-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-04-12 15:15 - 2025-04-12 15:16 - 000056899 _____ C:\Users\micro\OneDrive\Desktop\FRST.txt
2025-04-12 15:14 - 2025-04-12 15:14 - 002404864 _____ (Farbar) C:\Users\micro\OneDrive\Desktop\FRST64.exe
2025-04-12 15:14 - 2025-04-12 15:14 - 000000000 ____D C:\Users\micro\OneDrive\Desktop\FRST-OlderVersion
2025-04-12 14:54 - 2025-04-12 14:54 - 000751096 _____ C:\WINDOWS\system32\perfh00A.dat
2025-04-12 14:54 - 2025-04-12 14:54 - 000154044 _____ C:\WINDOWS\system32\perfc00A.dat
2025-04-12 14:03 - 2025-04-12 15:15 - 000000000 ____D C:\FRST
2025-04-12 14:03 - 2025-04-12 14:03 - 000087488 _____ C:\Users\micro\OneDrive\Desktop\Unconfirmed 73484.crdownload
2025-04-11 21:42 - 2025-04-11 21:42 - 000000000 ____D C:\Program Files (x86)\REALTEK
2025-04-11 21:42 - 2024-08-22 19:19 - 012226016 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2025-04-11 21:42 - 2022-07-11 16:55 - 000472424 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2025-04-11 21:41 - 2025-04-11 21:41 - 000000000 ____D C:\ProgramData\Realtek
2025-04-11 21:05 - 2025-04-11 21:42 - 000000000 ___HD C:\$SysReset
2025-04-11 20:32 - 2025-04-11 20:32 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-11 20:06 - 2025-04-11 20:06 - 133586472 _____ (Dell, Inc.) C:\Users\micro\Downloads\Inspiron_Vostro_3420_3520_1.30.0 (1).exe
2025-04-11 20:04 - 2025-04-11 20:04 - 014680064 _____ (Dell, Inc.) C:\Users\micro\Downloads\Inspiron_Vostro_3420_3520_1.30.0.exe
2025-04-11 19:50 - 2025-04-11 19:50 - 000000000 ____D C:\WINDOWS\Panther
2025-04-11 19:13 - 2025-04-11 19:13 - 000000000 ____D C:\ProgramData\Projector Inc
2025-04-11 17:20 - 2025-04-11 17:20 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2025-04-11 01:56 - 2024-10-01 22:27 - 005561768 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw14.sys
2025-04-11 01:56 - 2024-10-01 22:26 - 001619368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter14.dll
2025-04-10 10:13 - 2025-04-10 10:13 - 000005813 _____ C:\Users\micro\OneDrive\Desktop\options_closed_2025.csv
2025-04-10 10:13 - 2025-04-10 10:13 - 000002226 _____ C:\Users\micro\OneDrive\Desktop\options_closed_2024.csv
2025-04-10 10:12 - 2025-04-10 10:12 - 000011603 _____ C:\Users\micro\OneDrive\Desktop\2024_options.csv
2025-04-10 10:11 - 2025-04-10 10:11 - 000015113 _____ C:\Users\micro\OneDrive\Desktop\options_2025.csv
2025-04-10 07:07 - 2025-04-10 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2025-04-10 03:20 - 2025-04-10 03:20 - 000000000 ____D C:\inetpub
2025-04-08 20:04 - 2025-04-12 12:10 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-08 17:43 - 2025-04-08 17:42 - 000316200 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-04-07 14:27 - 2025-04-07 14:27 - 000002264 _____ C:\Users\micro\AppData\LocalLow\6c515e6f4c25823d280fe92163b55dabbe7f1f0f7f25a61cac3ecc98c90c31e4
2025-04-07 14:25 - 2025-04-08 14:16 - 000192900 _____ C:\Users\micro\AppData\LocalLow\dea23cf0244c35c30ded5636913d5df0e2321bd671e7c85fc64712baa684e896
2025-04-07 14:25 - 2025-04-08 14:14 - 000000130 _____ C:\Users\micro\AppData\LocalLow\72830b805d64f6459956d2352363f56fbd305b47adefedb32c1e5f6e3cfa0189
2025-04-07 14:24 - 2025-04-08 14:34 - 000104869 _____ C:\Users\micro\AppData\LocalLow\e613b4a83ff1e6338015e9747b5d118d98c4a3c6641433f8f931f568c53ff99f
2025-04-07 14:24 - 2025-04-08 14:34 - 000000130 _____ C:\Users\micro\AppData\LocalLow\419d4f2ed002d2a5bf3f9d179fdf725c8a12686fad0e7b5eba2fc968ae805c58
2025-04-04 10:09 - 2025-04-11 17:25 - 000002372 _____ C:\Users\micro\OneDrive\Desktop\Slack.lnk
2025-04-03 15:07 - 2025-04-03 15:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-01 19:20 - 2025-04-01 19:20 - 000317324 _____ C:\Users\micro\OneDrive\Desktop\NW Sunset Circle Cavanaugh.pdf
2025-04-01 18:25 - 2025-04-01 18:25 - 000128129 _____ C:\Users\micro\OneDrive\Desktop\Home _ OnPoint Community Credit Union.pdf
2025-04-01 13:38 - 2025-04-01 13:38 - 002653803 _____ C:\Users\micro\OneDrive\Desktop\alan april 2025 TransUnion Credit Report.pdf
2025-03-31 02:16 - 2025-03-31 02:16 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-03-27 19:58 - 2025-03-27 19:58 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-27 19:58 - 2025-03-27 19:58 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-25 17:29 - 2025-03-25 17:37 - 000956835 _____ C:\Users\micro\Downloads\consentapplication.pdf
2025-03-21 10:35 - 2025-03-21 10:35 - 008987616 _____ C:\Users\micro\Downloads\Staging Report on 2742 SW Leah - Google Docs.pdf
2025-03-21 08:20 - 2025-04-12 14:43 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-21 08:20 - 2025-03-21 08:20 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2025-03-21 08:20 - 2025-03-21 08:20 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-19 09:57 - 2025-03-19 09:57 - 000298834 _____ C:\Users\micro\Downloads\session-buddy-export-2025-03-19-09-57-23.json
2025-03-16 21:54 - 2025-03-16 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-04-12 15:09 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-12 15:04 - 2024-01-26 16:15 - 000000000 ____D C:\Users\micro\AppData\Local\D3DSCache
2025-04-12 15:03 - 2024-01-28 11:07 - 000385098 _____ C:\Users\micro\AppData\LocalLow\4510301a6debac7bb96ba6e668ac3383271c26c4eb6798c206d42ac5ba3b906e
2025-04-12 15:03 - 2024-01-28 11:07 - 000000130 _____ C:\Users\micro\AppData\LocalLow\6d8e67a632f594be1d223ffb54c90fe6446fef2465a9a763349317a93891ce8e
2025-04-12 15:02 - 2024-10-20 19:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-12 15:02 - 2024-04-01 00:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-12 15:02 - 2024-01-30 01:09 - 000000000 ____D C:\Users\micro\AppData\Local\CrashDumps
2025-04-12 14:54 - 2024-10-20 19:29 - 001683482 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-12 14:52 - 2024-10-20 19:28 - 000007884 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-12 14:52 - 2024-04-18 15:40 - 000001670 ___SH C:\Users\micro\AppData\Roaming\Microsoft\LastFlashConfig.wfc
2025-04-12 14:50 - 2024-01-28 14:28 - 000000466 _____ C:\Users\micro\AppData\LocalLow\a843c5f609c0d0de7272d0a5b24805c88dd73687c5381fe73a7dc37b63a2748f
2025-04-12 14:48 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\Registration
2025-04-12 14:48 - 2024-03-03 11:24 - 000000130 _____ C:\Users\micro\AppData\LocalLow\3209a2264cf3c9bfb64901dc676bda96f3f57fc23c20f7599e349e65a69d7d87
2025-04-12 14:48 - 2024-01-28 14:19 - 000000000 ____D C:\Users\micro\AppData\Roaming\Slack
2025-04-12 14:47 - 2025-01-22 17:11 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-12 14:47 - 2024-10-20 19:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-12 14:47 - 2024-09-14 10:42 - 000000000 ____D C:\ProgramData\Avast Software
2025-04-12 14:47 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-12 14:47 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-12 14:47 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-12 14:47 - 2024-04-01 00:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-04-12 14:43 - 2024-10-20 19:35 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-12 14:43 - 2024-10-20 19:35 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-12 14:43 - 2024-10-20 19:35 - 000002628 _____ C:\WINDOWS\system32\Tasks\MyDell.Updater
2025-04-12 14:43 - 2024-10-20 19:35 - 000002604 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2025-04-12 14:43 - 2024-10-20 19:35 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2025-04-12 14:43 - 2024-10-20 19:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-04-12 14:42 - 2024-07-15 10:26 - 000000130 _____ C:\Users\micro\AppData\LocalLow\fedc0112051f6a7554125061bfc0417233f025afaee87922568403ac077eb281
2025-04-12 14:30 - 2024-10-14 07:44 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2025-04-12 14:15 - 2024-02-22 19:25 - 000000130 _____ C:\Users\micro\AppData\LocalLow\e68b3becd33291447dcd13579c0f8e20b4690d10816171f2ba63236eafb576a0
2025-04-12 14:05 - 2024-12-01 13:35 - 000000000 ____D C:\Users\micro\OneDrive\Desktop\flickr_backup
2025-04-11 22:08 - 2024-01-26 16:14 - 000000000 ____D C:\Users\micro\AppData\Local\Packages
2025-04-11 22:08 - 2023-09-20 23:55 - 000000000 ____D C:\ProgramData\Packages
2025-04-11 21:49 - 2024-01-28 14:28 - 000347222 _____ C:\Users\micro\AppData\LocalLow\fd848121fb19175e0a67c91636e16ee2c60f24dbdfbd50a49356250617d01a6f
2025-04-11 21:41 - 2023-09-20 23:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-04-11 21:40 - 2023-09-20 23:48 - 000000000 ____D C:\ProgramData\Dell
2025-04-11 21:27 - 2024-10-20 19:23 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-11 20:48 - 2023-09-20 23:43 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-11 20:46 - 2023-09-20 23:47 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-11 20:45 - 2023-09-20 23:47 - 000000000 ____D C:\Program Files\dotnet
2025-04-11 20:32 - 2024-01-26 16:21 - 000000000 ____D C:\Program Files\Google
2025-04-11 19:50 - 2024-02-11 12:06 - 000000925 _____ C:\WINDOWS\Tasks\EPSON FF-680W Update.job
2025-04-11 19:49 - 2025-01-22 17:15 - 000003354 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2025-04-11 19:46 - 2024-01-26 14:38 - 000000000 ___SD C:\Users\micro\AppData\Roaming\Microsoft\Credentials
2025-04-11 19:37 - 2024-09-16 12:30 - 000000000 ____D C:\Users\micro\AppData\Local\ElevatedDiagnostics
2025-04-11 19:26 - 2024-04-18 15:19 - 000000000 ____D C:\Users\micro\AppData\Roaming\Microsoft\MMC
2025-04-11 18:37 - 2024-01-26 17:20 - 000000000 ____D C:\Users\micro\AppData\Roaming\Microsoft\Office
2025-04-11 17:26 - 2024-01-26 16:47 - 000000000 ____D C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2025-04-11 17:25 - 2024-10-03 11:21 - 000000000 ____D C:\Users\micro\AppData\Roaming\Bitwarden
2025-04-11 17:25 - 2024-10-03 11:20 - 000000000 ____D C:\Program Files\Bitwarden
2025-04-11 17:25 - 2024-08-22 16:24 - 000001528 _____ C:\Users\micro\OneDrive\Desktop\CapCut.lnk
2025-04-11 17:23 - 2024-10-20 19:35 - 000003446 _____ C:\WINDOWS\system32\Tasks\EPSON FF-680W Update
2025-04-11 17:22 - 2024-10-23 18:14 - 000000000 ____D C:\WINDOWS\Minidump
2025-04-11 17:22 - 2024-01-30 14:24 - 000000000 ____D C:\Users\micro\AppData\Roaming\Zoom
2025-04-11 17:20 - 2024-09-14 10:45 - 000000000 ____D C:\Users\micro\AppData\Roaming\Avast Software
2025-04-11 17:19 - 2024-09-14 10:43 - 000000000 ____D C:\Program Files\Avast Software
2025-04-11 16:26 - 2024-02-14 03:29 - 000014078 _____ C:\Users\micro\AppData\LocalLow\a409750cc47a4783c6472c6ac9a131e8f86788ae57545ed742cfaffbac6baf3d
2025-04-11 16:26 - 2024-02-14 03:29 - 000000026 _____ C:\Users\micro\AppData\LocalLow\479f142dc68f2c656a6697423514d6d9f4e7c05d922d42ada90c3f24e90930d4
2025-04-11 15:08 - 2024-10-21 09:18 - 000000000 ____D C:\Users\micro\AppData\Local\Deployment
2025-04-11 13:27 - 2024-04-01 00:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-10 21:28 - 2024-06-18 15:48 - 000145911 _____ C:\Users\micro\AppData\LocalLow\95e27de6c5f1f5d38fc048e1bf30244ec65cf620051ecf0b497b5fd9b026c4cd
2025-04-10 21:28 - 2024-06-18 15:48 - 000000130 _____ C:\Users\micro\AppData\LocalLow\41aae27b8e5a9f2d5014d432cc0811524d1d6e4e1594d307aa5a6f934fa435e8
2025-04-10 18:11 - 2024-02-08 10:55 - 000000000 ____D C:\Users\micro\AppData\Roaming\.purple
2025-04-10 07:07 - 2024-10-21 16:03 - 000000000 ____D C:\Program Files\Zoom
2025-04-10 03:20 - 2024-10-20 20:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2025-04-10 03:20 - 2024-04-01 01:08 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-10 03:20 - 2024-04-01 01:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-04-10 03:20 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-09 22:47 - 2024-10-20 19:26 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-09 15:17 - 2024-04-01 00:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-06 12:17 - 2024-10-20 19:25 - 000000000 ____D C:\Users\micro
2025-04-04 10:09 - 2024-01-28 14:19 - 000000000 ____D C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2025-04-04 10:09 - 2024-01-28 14:19 - 000000000 ____D C:\Users\micro\AppData\Local\slack
2025-04-04 09:58 - 2024-02-22 19:25 - 000024171 _____ C:\Users\micro\AppData\LocalLow\fd84a82013498f69bc040e6ec8d8d8291a152cc760e35edd235d3dc92781442b
2025-04-04 09:58 - 2024-01-30 14:25 - 000000000 ____D C:\Users\micro\OneDrive\Documents\Zoom
2025-04-03 15:05 - 2023-09-20 23:54 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-01 18:30 - 2024-02-06 14:46 - 000000130 _____ C:\Users\micro\AppData\LocalLow\c02381e992a278f86b5e7c21c9fa4b99244038043218fd4691137ec280c1f733
2025-03-31 03:03 - 2024-04-01 00:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-31 02:16 - 2024-10-20 20:19 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-31 02:16 - 2024-04-01 01:09 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-31 02:16 - 2024-04-01 01:09 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-31 02:16 - 2024-04-01 00:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-03-31 02:16 - 2024-04-01 00:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-26 11:53 - 2024-09-14 10:49 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-03-26 06:24 - 2024-02-18 20:28 - 000002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-03-26 06:24 - 2024-02-18 20:28 - 000002064 _____ C:\Users\micro\OneDrive\Desktop\Google Drive.lnk
 
==================== Files in the root of some directories ========
 
2024-02-11 13:21 - 2024-02-11 13:21 - 000000000 _____ () C:\Users\micro\AppData\Roaming\Twain.log
2024-07-24 13:09 - 2024-07-24 13:31 - 000001456 _____ () C:\Users\micro\AppData\Local\Adobe Save for Web 13.0 Prefs
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by micro (12-04-2025 15:17:51)
Running from C:\Users\micro\OneDrive\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2024-10-21 02:35:26)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-4028688911-4248998318-3670724698-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4028688911-4248998318-3670724698-503 - Limited - Disabled)
Guest (S-1-5-21-4028688911-4248998318-3670724698-501 - Limited - Disabled)
micro (S-1-5-21-4028688911-4248998318-3670724698-1001 - Administrator - Enabled) => C:\Users\micro
WDAGUtilityAccount (S-1-5-21-4028688911-4248998318-3670724698-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.5.0.348 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_7_4_1) (Version: 7.4.1 - Adobe Inc.)
Adobe Media Encoder (Beta) (HKLM-x32\...\AMEBETA_24_6) (Version: 24.6 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_4_1) (Version: 24.4.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_9_1) (Version: 25.9.1.626 - Adobe Inc.)
Adobe Premiere Pro (Beta) (HKLM-x32\...\PPROBETA_24_6) (Version: 24.6 - Adobe Inc.)
Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_4_1) (Version: 24.4.1 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_10) (Version: 2.10 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 24.4.17598.20292 - Gen Digital Inc.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 25.3.9983.2649 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 133.0.29113.143 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Brackets (HKLM-x32\...\{DECDF311-E886-4879-A6BF-39B2C7F07862}) (Version: 2.2.1 - brackets.io) Hidden
Brackets (HKLM-x32\...\Brackets 2.2.1) (Version: 2.2.1 - brackets.io)
CapCut (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\CapCut) (Version: 4.3.0.1694 - Bytedance Pte. Ltd.)
Cirrus High Definition Audio Driver (HKLM-x32\...\{130d2d60-3436-45ed-a510-cd6f3bcc0483}) (Version: 2.2.59 - Cirrus Logic Inc.)
Cirrus High Definition Audio Driver Setup (HKLM\...\{73B4E7F6-9441-4093-928E-5770CB3638C4}) (Version: 2.2.59 - Cirrus Logic Inc.) Hidden
Dell Core Services (HKLM\...\{3AE48AB7-8646-46BB-84DB-3FC6FF01CA39}) (Version: 1.6.52.0 - Dell, Inc.) Hidden
Dell Optimizer (HKLM\...\{1344E072-D68B-48FF-BD2A-C1CCCC511A50}) (Version: 5.0.1100.0 - Dell) Hidden
Dell Optimizer (HKLM-x32\...\{286A9ADE-A581-43E8-AA85-6F5D58C7DC88}) (Version: 5.0.1100.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\{58A22579-B760-4155-BA8D-5C6A07702E31}) (Version: 4.8.0.24312 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{F70E4C63-1E9C-410F-B9B5-08E8CEC36EC8}) (Version: 5.5.13.1 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{720a2ba7-49f7-4f23-a550-abf179916969}) (Version: 5.5.13.1 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{D3EFD276-F67A-45CD-B8A3-7CE38B2FF434}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{c7ccf084-ab05-431c-8474-6b66df04f996}) (Version: 5.5.13.0 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{B724D287-C1C8-472E-B56B-41AEA619740F}) (Version: 5.4.0 - Dell Inc.)
Epson Event Manager (HKLM-x32\...\{067039C9-A41C-42F5-9571-B06E0700AAA4}) (Version: 3.11.77 - Seiko Epson Corporation)
Epson FastFoto (HKLM-x32\...\{40ac89c2-22df-4b48-a831-25e9bdafc973}) (Version: 2.1.13.0 - Seiko Epson Corporation)
Epson FastFoto (HKLM-x32\...\{4B3EE26C-0EFE-4648-978C-5CE38AC53F2E}) (Version: 2.1.13.0 - Seiko Epson Corporation) Hidden
Epson FF-680W User’s Guide (HKLM-x32\...\UsersGuideEpson FF-680W User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{3615C893-F844-4A5B-B949-8409EAB62271}) (Version: 3.00.05 - Seiko Epson Corporation)
Epson Scan OCR Component Pro (HKLM-x32\...\{FF6BD53F-14FD-4CA6-B582-175DAA845E7C}) (Version: 1.1.1 - Seiko Epson Corporation)
EPSON Scan PDF Extensions (HKLM-x32\...\{E4C6B326-8218-4FC2-8B48-85A19DAB3AE4}) (Version: 1.03.02.01 - Seiko Epson Corporation)
Epson ScanSmart (HKLM-x32\...\{1A1B60BB-F156-4F6D-AD79-8A096B67E9AB}) (Version: 3.7.10 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
Fidelity Active Trader Pro®64 - 1  (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\338126d24171cffb) (Version: 11.1.646.0 - Fidelity Investments)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.85 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 106.0.4.0 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{C54DEA1F-7A8D-410B-A675-04E0FB562CB0}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{533B4739-13DD-4AAB-9524-070B3F0CE6ED}) (Version: 40.13.54.81239 - HP)
HP OfficeJet Pro 7740 series Basic Device Software (HKLM\...\{18DFCC54-84A4-46B1-8AB1-01C5EB19765E}) (Version: 40.16.1234.2248 - HP Inc.)
Intel® Arc Software & Drivers (HKLM\...\Intel® Arc Software & Drivers) (Version: 1.0.962.4 - Intel® Corporation)
Intel® Software Installer (HKLM-x32\...\{4638c57f-119d-4015-b4bd-40be8a51c13c}) (Version: 23.90.0.2 - Intel Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.7 (x64) (HKLM\...\{E914E975-A0B1-49F7-AB71-28DACD495C44}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.25 (x64) (HKLM\...\{AE86D888-1404-47CC-A7BB-8D86C0503E58}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.7 (x64) (HKLM\...\{62A9DE14-DB7A-41D9-9D7E-ED494E6FCBAF}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.25 (x64) (HKLM\...\{3544B2EE-E62F-4D11-B79C-3DDEACE94DA5}) (Version: 48.100.4028 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.7 (x64) (HKLM\...\{ECCA3DB0-6DEF-42CD-A21A-F2F7B918FB59}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft Access 2021 - en-us (HKLM\...\Access2021Retail - en-us) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft Access 2021 - es-es (HKLM\...\Access2021Retail - es-es) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft Access 2021 - fr-fr (HKLM\...\Access2021Retail - fr-fr) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.7 - Shared Framework (x64) (HKLM-x32\...\{4a749a1a-b799-41b4-a328-33a7b2355e76}) (Version: 7.0.7.23274 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.7 Shared Framework (x64) (HKLM\...\{5ECA54B7-62F2-39EE-9514-31F7DFFFC968}) (Version: 7.0.7.23274 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\{526BDE6D-4082-3171-9139-D7D11D68A475}) (Version: 135.0.3179.73 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.54 - Microsoft Corporation) Hidden
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft OneNote - es-es (HKLM\...\OneNoteFreeRetail - es-es) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2021Retail - en-us) (Version: 16.0.18623.20156 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.99.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.25 (x64) (HKLM\...\{E016F2B9-01FE-4FAA-882E-ECC43FA49751}) (Version: 48.100.4037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.25 (x64) (HKLM-x32\...\{fb0500c1-f968-4621-a48b-985b52884c49}) (Version: 6.0.25.33020 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM\...\{593F16DC-C2D3-4740-ABD4-A171B4E32B06}) (Version: 56.31.61651 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM-x32\...\{e875fc20-9a37-4344-b046-0bb037cb2d57}) (Version: 7.0.7.32525 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
MyDell (HKLM-x32\...\{E131DFE7-2098-409A-B07F-82F2D76BF17B}) (Version: 3.3.54.0 - Dell, Inc.)
MyDell Application Management (HKLM\...\{F0BC3F6A-93E3-41E7-AD3A-2CB678BBD182}) (Version: 3.3.18.0 - Dell Technologies, Inc.) Hidden
MyDell Components Installer (HKLM\...\{2D169554-AC89-4B50-8F96-8CC0F0FABC63}) (Version: 3.3.23.0 - Dell, Technologies, Inc.) Hidden
MyDell Customer Connect (HKLM\...\{6F63F19A-0FE7-41AA-8C40-DE93D4552645}) (Version: 3.3.23.0 - Dell Technologies, Inc.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.14.14 - )
PyCharm 2024.1 (HKLM-x32\...\PyCharm 2024.1) (Version: 241.14494.241 - JetBrains s.r.o.)
Python 3.12.2 (64-bit) (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\{b6178a40-1665-4565-b73e-48dd6e039a65}) (Version: 3.12.2150.0 - Python Software Foundation)
Python 3.12.2 Core Interpreter (64-bit) (HKLM\...\{4534F2ED-1616-434D-98A6-0DA358DCD466}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Development Libraries (64-bit) (HKLM\...\{F131E2DD-B8C5-42F3-85B7-3D4BAC9582CD}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Documentation (64-bit) (HKLM\...\{BD32BDE9-835D-4013-8F9A-45FF11456F02}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Executables (64-bit) (HKLM\...\{097D2A37-E94B-4FAD-8C89-D63443BD4D4A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 pip Bootstrap (64-bit) (HKLM\...\{BDE73EDC-76AE-475D-8885-9B583631B0FC}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Standard Library (64-bit) (HKLM\...\{E172CAF3-ABC7-4B62-BA8C-3A2472DE44F6}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Tcl/Tk Support (64-bit) (HKLM\...\{B50C92E9-2780-433A-AA61-E9F06D0AFF8A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Test Suite (64-bit) (HKLM\...\{94087C99-E4F5-4637-A789-3B6059DF787B}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B36061E-A25F-4E12-BFD1-68E724723D48}) (Version: 3.12.2150.0 - Python Software Foundation)
Qualys BrowserCheck (HKLM-x32\...\{AE50BCC5-3FA3-45D1-A675-A5F96EA12131}) (Version: 1.6.0 - Qualys)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6C2C3E2A-EECF-4CA7-9AE4-54907F256E50}) (Version: 23.22.0324.0411 - REALTEK Semiconductor Corp.)
Slack (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\slack) (Version: 4.43.51 - Slack Technologies Inc.)
SmartByte Drivers and Services (HKLM\...\{19A754FE-0343-4311-835F-33EAB7ADEA7B}) (Version: 3.1122.728.7 - Rivet Networks)
TunnelBear (HKLM-x32\...\{542bb2b6-c606-46a9-b361-30175c8ea747}) (Version: 4.11.0.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{610C86DB-759B-4720-AFC7-06347867EDE8}) (Version: 4.11.0.0 - TunnelBear) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_2_0) (Version: 1.2.0 - Adobe Inc.)
Zoom Workplace (64-bit) (HKLM\...\{8D8D4EA6-C699-4ADA-A2CC-E66F9297D7EB}) (Version: 6.4.63669 - Zoom)
 
Chrome apps:
============
Google Chat (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\1e25990b69bf729619888683ba46ffe1) (Version: 1.0 - Google\Chrome)
Instagram (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\b904be76db34fddac4c0ff314404953e) (Version: 1.0 - Google\Chrome)
Messages (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\71850199f4e46b419cb0ebf3c6bd2050) (Version: 1.0 - Google\Chrome)
Microsoft OneDrive (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\944c93ebea7ca7dae0a7941825a7ad6b) (Version: 1.0 - Google\Chrome)
Monarch Money (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\f7ae96616716c429a71a9daf90f3bbd8) (Version: 1.0 - Google\Chrome)
Quicken Simplifi (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\86f42e9c86d9121c44f8bfdb15b069ac) (Version: 1.0 - Google\Chrome)
Reddit (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\56a61d51d8402b9d8af575a79dce5d03) (Version: 1.0 - Google\Chrome)
Threads (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\e31f8df3a8f7e4c7be96fcaa7193f21e) (Version: 1.0 - Google\Chrome)
WhatsApp Web (HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\0ad44747662e719a764da54a8b9bece3) (Version: 1.0 - Google\Chrome)
 
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-10] (Microsoft Windows)
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-01-28] (Adobe Systems Incorporated)
Active Trader Pro Beta -> C:\Program Files\WindowsApps\475B4D62-39BB-4548-8B64-8F39079C8D24_3.0.0.7_x64__5z2y2pxwv7j7c [2025-04-07] (Fidelity Investments (FMR LLC))
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2025-03-21] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-21] (Adobe Systems Incorporated)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.5.0.0_x64__htrsf667h5kn2 [2025-02-06] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.8.0.0_x64__htrsf667h5kn2 [2025-01-23] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.4.19.0_x86__htrsf667h5kn2 [2024-09-13] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.780.13.0_x64__8wekyb3d8bbwe [2025-02-26] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.780.13.0_x86__8wekyb3d8bbwe [2025-02-26] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.780.13.0_x64__8wekyb3d8bbwe [2025-02-26] (Microsoft Corporation)
Intel® Rapid Storage Technology Application -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1019.0_x64__8j3eq9eme6ctt [2024-11-22] (INTEL CORP)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-09-30] (Microsoft Corporation)
Replit -> C:\Program Files\WindowsApps\replit.com-D1C64614_1.0.0.1_neutral__rrvvrh8fxhgqr [2025-04-10] (replit.com)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1002.0_x64__rh07ty8m5nkag [2024-01-26] (Rivet Networks LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0 [2025-03-27] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2022 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2022_5.0.59.0_x64__fh4rh281wavaa [2024-10-05] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm [2025-04-10] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe [2024-08-16] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-29] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2024-01-27] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2024-01-27] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-10] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f}\localserver32 -> C:\Program Files\Dell\MyDell\Console\NGA.ThickClient.exe (Dell Technologies Inc. -> Dell)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\micro\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001_Classes\CLSID\{ed071ecf-3772-736c-aec0-661da10aeefc}\localserver32 -> C:\Program Files\Dell\MyDell\Console\Dell.UCA.Systray.exe (Dell Technologies Inc. -> Dell)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-16] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\106.0.4.0\drivefsext.dll [2025-03-26] (Google LLC -> Google LLC.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-16] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-04-09] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-04-12] (Avast Software s.r.o. -> Gen Digital Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\micro\OneDrive\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Al - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=akpamiohjfcnimfljfndmaldlcfphjmp
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Microsoft OneDrive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=abnfpfhjmipcnaibcolbacfhgfcmjjbn
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Monarch Money.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=amfocbaodnbjankcmmkijopbkmoifgig
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Quicken Simplifi.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fklbjelakphlmibggfkjhjphnednphng
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Reddit.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lgnggepjiihbfdbedefdhcffnmhcahbm
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\Threads.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aaanfdldlfhmjfdagojbccckmhelibbf
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\WhatsApp Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm
ShortcutWithArgument: C:\Users\micro\OneDrive\Desktop\desktop clean nov24\Messages.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hpfldicfbfomlpcikngkocigghgafkph
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mdpkiolbdkhdjpekfbkbmhigcaggjagi\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lgnggepjiihbfdbedefdhcffnmhcahbm\Reddit.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lgnggepjiihbfdbedefdhcffnmhcahbm
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hpfldicfbfomlpcikngkocigghgafkph\Messages.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hpfldicfbfomlpcikngkocigghgafkph
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hnpfjngllnobngcgfapefoaidbinmjnm\WhatsApp Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fklbjelakphlmibggfkjhjphnednphng\Quicken Simplifi.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fklbjelakphlmibggfkjhjphnednphng
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_amfocbaodnbjankcmmkijopbkmoifgig\Monarch Money.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=amfocbaodnbjankcmmkijopbkmoifgig
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_akpamiohjfcnimfljfndmaldlcfphjmp\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=akpamiohjfcnimfljfndmaldlcfphjmp
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_abnfpfhjmipcnaibcolbacfhgfcmjjbn\Microsoft OneDrive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=abnfpfhjmipcnaibcolbacfhgfcmjjbn
ShortcutWithArgument: C:\Users\micro\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aaanfdldlfhmjfdagojbccckmhelibbf\Threads.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aaanfdldlfhmjfdagojbccckmhelibbf
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\All-in-One Messenger.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lainlkmlgipednloilifbppmhdocjbda
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mdpkiolbdkhdjpekfbkbmhigcaggjagi
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=akpamiohjfcnimfljfndmaldlcfphjmp
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Messages.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hpfldicfbfomlpcikngkocigghgafkph
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Microsoft OneDrive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=abnfpfhjmipcnaibcolbacfhgfcmjjbn
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Monarch Money.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=amfocbaodnbjankcmmkijopbkmoifgig
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Quicken Simplifi.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fklbjelakphlmibggfkjhjphnednphng
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Reddit.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lgnggepjiihbfdbedefdhcffnmhcahbm
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Threads.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=aaanfdldlfhmjfdagojbccckmhelibbf
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WhatsApp Web.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hnpfjngllnobngcgfapefoaidbinmjnm
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Monarch Money.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=amfocbaodnbjankcmmkijopbkmoifgig
ShortcutWithArgument: C:\Users\micro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b9f5b383aba824ab\MightyText - SMS from PC & Text from Computer.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dkfhfaphfkopdgpbfkebjfcblcafcmpi
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-03] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\sharepoint.com -> hxxps://pccedu-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-06 22:24 - 2025-04-12 14:46 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\micro\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\5003946842604889710\133728972620979068.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Wi-Fi: Intel® Wi-Fi 6 AX201 160MHz -> Netwtw14.sys
Ethernet 4: TunnelBear Adapter V9 #3 -> tap-tb-0901.sys
Ethernet 2: TunnelBear Adapter V9 -> tap-tb-0901.sys
Ethernet 3: TunnelBear Adapter V9 #2 -> tap-tb-0901.sys
 
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FastFoto"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\StartupApproved\Run: => "BID Drop Box"
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\StartupApproved\Run: => "HP OfficeJet Pro 7740 (NET)"
HKU\S-1-5-21-4028688911-4248998318-3670724698-1001\...\StartupApproved\Run: => "com.squirrel.MightyText.MightyText"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{AC498B86-9483-4DA3-AE08-CBF1FEB22247}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{DFC74F17-1F17-4745-8381-5970682DA62B}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [UDP Query User{A0248485-1806-4E83-9DA7-7204731712B3}C:\program files\jetbrains\pycharm 2024.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm 2024.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{FBDC9846-FE4A-4135-9E4D-70C9F61CE297}C:\program files\jetbrains\pycharm 2024.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm 2024.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{7EF100D3-4C53-49AC-8930-70D63BB87FCC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{574E6CD0-A268-40AD-BC8B-5DCCFE44F13F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{537F7A8C-A21D-42F7-951D-2E9F2369D28F}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0E0C90AF-6D9C-4AB2-99F8-DED579D12110}] => (Allow) LPort=5357
FirewallRules: [{A0D1B882-DE74-467E-8DFE-56268297651C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{9717D07D-CBF8-44C4-AA90-2D39150D6F14}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{546C5BB9-4EEE-471A-A7F7-9737C52DBA3E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\SendAFax.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D8D16B5B-DDCB-4310-BEEC-C55EBF9707AE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{AEFAB3E5-6930-4F4B-A42F-203D254EC81C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\FaxApplications.exe (HP Inc. -> HP Inc.)
FirewallRules: [{552C02D2-F6FB-44FA-9178-AF5BAD12C10E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{CAACC318-EC9E-45D0-8823-82AAA84C5FCF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{844CEE2A-925A-4F12-806B-1816E5ECD5B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80F7B971-7A93-46C1-A6B5-7B582269F998}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6123C22C-D09D-4CAE-AF8C-976FE7CD41B3}C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [TCP Query User{021533A2-8DA8-4FE9-BAF5-74C1420B9930}C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro 2024\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [UDP Query User{DC4A33A2-7CCA-48D5-97FD-CD56A0181BB7}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{35FC9536-F1C4-442D-B84D-08FF58DBDE37}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [{0632FBE3-9E96-41F9-BFF4-1B6C7BD16D6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8A70848-5825-42B1-B879-DEA28E813AA3}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{454B0A42-8137-46F6-9A8A-5021BB5E19F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4ED294D8-FF2A-4AE8-86C2-81648B048FEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A8FD70F8-176C-47B8-B973-56A6F4ABFC12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BB5A286-5E75-4AB8-AA1D-4EC694E5CA1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C70E4544-D66D-423E-938D-16F17FFE1B93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FAFD332F-8409-445B-861C-5C26D156720B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDA7FC55-1135-402C-A442-3C7898B7F126}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5589092D-247B-4D65-A790-33D6F09B160C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{955050D5-5BFD-4420-A501-AD8B0393E620}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40BC48C5-EE30-437D-A009-CCF2A329F790}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.260.564.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{54A329D7-20F3-4080-AB8B-CAA04F78A01A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1609.3541.7814_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBE71FF1-DB2A-471D-A081-985F4A21AAE4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1609.3541.7814_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F88DF68-91EF-4E11-B9D7-411C03368EBA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3008FFA4-4AF0-4C9A-8216-85B05F5DCAC9}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{02847F33-8F1F-4338-906B-70C17F9621BF}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{08C733F2-AC71-4F6F-A45C-B9753AABEEA7}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C85724C0-FD12-4CDC-8DF5-01F971EA5867}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{8E2C10E5-0B68-46AD-8042-6F5996CB0168}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{DCBBCEBF-756C-4974-8F3D-69CA155B55D2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
11-04-2025 20:26:08 Removed Google Chrome
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/12/2025 02:48:07 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\ACV-LPTP$ via https://INTC-KeyId-1...plates/Aik/scepfailed:
 
GetCACaps
 
Method: GET(31ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (04/12/2025 02:47:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\micro\AppData\Local\CapCut\Apps\CapCut.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3624_none_85b5a039f7b0882a.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3624_none_3e086962e3345f24.manifest.
 
Error: (04/12/2025 02:15:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b86a44be-c6cd-4498-ae17-59a132a13270}
 
Error: (04/12/2025 02:11:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b86a44be-c6cd-4498-ae17-59a132a13270}
 
Error: (04/11/2025 09:56:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\micro\AppData\Local\CapCut\Apps\CapCut.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3624_none_85b5a039f7b0882a.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3624_none_3e086962e3345f24.manifest.
 
Error: (04/11/2025 09:44:03 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d
 
Error: (04/11/2025 09:43:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
 
Error: (04/11/2025 09:42:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid..
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
 
System errors:
=============
Error: (04/12/2025 02:48:43 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3509) (User: NT AUTHORITY)
Description: Device Association Failed - Select Ceremony.
 
Error: (04/12/2025 02:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/12/2025 02:48:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IntelTACD service failed to start due to the following error: 
The system cannot find the file specified.
 
 
CodeIntegrity:
===============
Date: 2025-04-06 12:17:06
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
 
Date: 2025-03-31 02:14:45
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\134.0.6998.178\chrome.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2025-03-30 11:39:18
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\134.0.6998.166\chrome_elf.dll that did not meet the Microsoft signing level requirements. 
 
Date: 2025-01-15 07:48:41
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\ai.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Store signing level requirements. 
 
Date: 2024-12-06 14:48:07
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Chrome\Application\131.0.6778.86\chrome.dll that did not meet the Microsoft signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.30.0 12/16/2024
Motherboard: Dell Inc. 084YKK
Processor: 12th Gen Intel® Core™ i3-1215U
Percentage of memory in use: 88%
Total physical RAM: 7876.74 MB
Available physical RAM: 914.94 MB
Total Virtual: 28356.74 MB
Available Virtual: 17323.98 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.94 GB) (Free:245.21 GB) (Model: NVMe P41PL NVMe SOLIDIGM 512GB) (Protected) NTFS
 
\\?\Volume{67e71c82-dea7-4080-8e58-f6531841a65d}\ (WINRETOOLS) (Fixed) (Total:1.13 GB) (Free:0.35 GB) NTFS
\\?\Volume{5297c911-c3fc-41c9-8ef2-dac31280b74d}\ (Image) (Fixed) (Total:19.83 GB) (Free:0.13 GB) NTFS
\\?\Volume{b68c8309-be90-489f-ae84-2f449e471f64}\ (DELLSUPPORT) (Fixed) (Total:1.52 GB) (Free:0.45 GB) NTFS
\\?\Volume{4dd6bf97-f159-4fe2-98e0-7f2c55f2e6bc}\ (ESP) (Fixed) (Total:0.39 GB) (Free:0.29 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 2E91E045)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 




#2
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Hi, Alan.

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but can also make your computer a malware target. Having such programs installed is the easiest way to get infected. Thus, there is no need to clean the computer, since, sooner or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs.
 
 
=====================
 
No sign of an active infection in your logs, but we will proceed to a further check and some maintenance.
 
To begin with:

 

 

FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3732040D-3140-47C6-8F16-66F4D680AB1C} - \McAfee\WPS\systemrebootedtask -> No File <==== ATTENTION
Task: {75DDA8DE-5DF3-4BF3-B9D1-5F4DB7D2350C} - \McAfee\WPS\amwebapitriggertask -> No File <==== ATTENTION
Task: {8E56B584-D46D-4EA0-B72A-CF67133B91AE} - \McAfee\WPS\NGMCadence -> No File <==== ATTENTION
Task: {8F6C988D-850B-4BB9-8B3C-E26E2E88A7C3} - \McAfee\WPS\mcpcoscanner -> No File <==== ATTENTION
Task: {95D7B51E-827C-46BF-9E12-5F7B5350A6ED} - \McAfee\WPS\tracker_remover -> No File <==== ATTENTION
Task: {CAC38FE4-5492-49CD-B889-B6B271C2C420} - \McAfee\WPS\datupdatetask -> No File <==== ATTENTION
Task: {D62344A1-C1DE-4A90-91D5-43FBD173DC10} - \McAfee\WPS\odsscheduledtask -> No File <==== ATTENTION
Task: {FB035BD9-5472-4EE1-A6F0-71EA5C685C9F} - \McAfee\WPS\AntiTrackerTask -> No File <==== ATTENTION
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
  • Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Post the log in your next reply.


#3
alan blueh0le

    Member

  • Topic Starter
  • Member
  • 35 posts

Thanks so much for taking this on. Here's the log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by micro (13-04-2025 09:53:04) Run:1
Running from C:\Users\micro\OneDrive\Desktop
Loaded Profiles: micro
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3732040D-3140-47C6-8F16-66F4D680AB1C} - \McAfee\WPS\systemrebootedtask -> No File <==== ATTENTION
Task: {75DDA8DE-5DF3-4BF3-B9D1-5F4DB7D2350C} - \McAfee\WPS\amwebapitriggertask -> No File <==== ATTENTION
Task: {8E56B584-D46D-4EA0-B72A-CF67133B91AE} - \McAfee\WPS\NGMCadence -> No File <==== ATTENTION
Task: {8F6C988D-850B-4BB9-8B3C-E26E2E88A7C3} - \McAfee\WPS\mcpcoscanner -> No File <==== ATTENTION
Task: {95D7B51E-827C-46BF-9E12-5F7B5350A6ED} - \McAfee\WPS\tracker_remover -> No File <==== ATTENTION
Task: {CAC38FE4-5492-49CD-B889-B6B271C2C420} - \McAfee\WPS\datupdatetask -> No File <==== ATTENTION
Task: {D62344A1-C1DE-4A90-91D5-43FBD173DC10} - \McAfee\WPS\odsscheduledtask -> No File <==== ATTENTION
Task: {FB035BD9-5472-4EE1-A6F0-71EA5C685C9F} - \McAfee\WPS\AntiTrackerTask -> No File <==== ATTENTION
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
*****************
 
Restore point was successfully created.
Processes closed successfully.
"AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}" => removed successfully
"FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3732040D-3140-47C6-8F16-66F4D680AB1C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3732040D-3140-47C6-8F16-66F4D680AB1C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\systemrebootedtask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75DDA8DE-5DF3-4BF3-B9D1-5F4DB7D2350C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75DDA8DE-5DF3-4BF3-B9D1-5F4DB7D2350C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\amwebapitriggertask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E56B584-D46D-4EA0-B72A-CF67133B91AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E56B584-D46D-4EA0-B72A-CF67133B91AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\NGMCadence" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F6C988D-850B-4BB9-8B3C-E26E2E88A7C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F6C988D-850B-4BB9-8B3C-E26E2E88A7C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\mcpcoscanner" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95D7B51E-827C-46BF-9E12-5F7B5350A6ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D7B51E-827C-46BF-9E12-5F7B5350A6ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\tracker_remover" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAC38FE4-5492-49CD-B889-B6B271C2C420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAC38FE4-5492-49CD-B889-B6B271C2C420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\datupdatetask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D62344A1-C1DE-4A90-91D5-43FBD173DC10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D62344A1-C1DE-4A90-91D5-43FBD173DC10}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\odsscheduledtask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB035BD9-5472-4EE1-A6F0-71EA5C685C9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB035BD9-5472-4EE1-A6F0-71EA5C685C9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\WPS\AntiTrackerTask" => not found
HKLM\System\CurrentControlSet\Services\IntelTACD => removed successfully
IntelTACD => service removed successfully
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.26100.1150
 
Image Version: 10.0.26100.3775
 
 
 
[===========================54.3%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.9%                          ] 
 
[===========================56.6%                          ] 
 
[===========================57.6%=                         ] 
 
[===========================58.6%=                         ] 
 
[===========================59.0%==                        ] 
 
[===========================59.0%==                        ] 
 
[===========================59.1%==                        ] 
 
[===========================60.1%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================77.4%============              ] 
 
[===========================84.9%=================         ] 
 
[===========================86.1%=================         ] 
 
[===========================87.3%==================        ] 
 
[===========================88.7%===================       ] 
 
[===========================89.9%====================      ] 
 
[===========================91.1%====================      ] 
 
[===========================92.5%=====================     ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
Beginning system scan.  This process will take some time.
 
Beginning verification phase of system scan.
 
Verification 100% complete.
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8560770 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 18025110 B
Edge => 0 B
Chrome => 686082268 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 880363 B
systemprofile32 => 880363 B
LocalService => 880363 B
NetworkService => 880363 B
micro => 74004649 B
 
RecycleBin => 0 B
EmptyTemp: => 753.6 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 10:35:54 ====

#4
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Everything ran smoothly.

 

Moving a bit:

 

 

1. Run Malwarebytes (scan only)

  • Download Malwarebytes and save it to your Desktop.
  • Once downloaded, close all programs and Windows on your computer.
  • Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
  • Follow the instructions to install the program.
  • When finished, double click the program's icon created on your Desktop.
  • Click the little gear on the top right (Settings) and when it opens, click the General tab. Under the title Windows Security Center, make sure the option is disabled.
  • Click the Scan and Detections tab and under the Scan options title, enable Scan for rootkits option. Do not change any other option.
  • Return to the Dashboard and choose Scan.
  • When finished, you will see the Threat Scan Summary window open.
  • If threats are not found, click View Report and proceed to the two last steps below.

    If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
    • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
    • Find the report with the most recent date and double click on it.
    • Click on Export and then Copy to Clipboard.
    • Paste its content here, in your next reply.

 

 

2. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click the Scan Now button.
  • Once the scan completes, AdwCleaner shows you all detected PUPs and adware. DO NOT check anything found, and click Next.
  • If any preinstalled software was detected on your device, a message notifies you that your action is requested. DO NOT check anything, and click Cancel to continue.
  • Click the Log Files tab.
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the removal.
  • Please post the contents of the file in your next reply.
  • Note: Click Skip Basic Repair if you are asked to.

 

 

In your next reply, please post:

  • The AdwCleaner[S0*].txt
  • The Malwarebytes report

#5
alan blueh0le

    Member

  • Topic Starter
  • 35 posts

*Thanks again*
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 4/13/2025
Scan Time: 12:15 PM
Log File: b93977b8-189b-11f0-9b18-00ffb62afbb3.json
 
-Software Information-
Version: 5.2.10.182
Components Version: 130.0.5212
Update Package Version: 1.0.98021
License: Free
 
-System Information-
OS: Windows 11 (Build 26100.3775)
CPU: x64
File System: NTFS
User: ACV-LPTP\micro
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 230493
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 10 min, 12 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build:    03-05-2025
# Database: 2024-10-23.4 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-13-2025
# Duration: 00:00:10
# OS:       Windows 11 (Build 26100.3775)
# Scanned:  32103
# Detected: 17
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\PLUGIN 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SUPPORTASSIST 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126A2BD8-D226-4709-BADB-15B3A56275D3}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126A2BD8-D226-4709-BADB-15B3A56275D3}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate 
Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE 
Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS 
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C386FC10-A947-43C7-8043-DA3485FB7602}  
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry 
Preinstalled.SmartByte   Task   C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

#6
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

The logs returned a good result. All clean.

 

I wonder if an extension (or more) installed in Edge and Chrome causes this issue. I know you said that there is no issue on the other computer, which has the same extensions installed, but you never know what kind of conflict may occur in a different system.

So, before trying to reset the browsers, try this:

Disable all the extensions in Edge (and Chrome) and check if the issue gets better. Then, enable them one by one, and check. I know it's a time-consuming method, but it could reveal something.


  • 0
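The AdwCleaner log in post #5 reports `Detected: 17`, yet every listed item sits under the Preinstalled Software section, which is why the reply can call the result clean. The following is an added example, not part of the thread and not AdwCleaner's own code: it tallies a scan log of this layout by section and separates preinstalled-software items from anything listed elsewhere. The sample log is a constructed, abridged excerpt, and the function names `parse_scan_log` and `triage` are assumptions.

```python
import re
from collections import Counter

# Constructed sample: an abridged scan log in the layout of the one posted above.
SAMPLE_LOG = r"""
# -------------------------------
# Mode: Scan
# -------------------------------
# Scanned:  32103
# Detected: 3

***** [ Services ] *****

No malicious services found.

***** [ Preinstalled Software ] *****

Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte   Task   C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
HEADER_RE = re.compile(r"^# (\w+):\s+(.*)$")


def parse_scan_log(text):
    """Return (header fields, detection entries) from a scan log."""
    header, entries, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):            # banner, header field or EOF marker
            m = HEADER_RE.match(line)
            if m:
                header[m.group(1)] = m.group(2).strip()
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        # Entry lines are "<name>   <type>   <path>"; paths may hold single spaces.
        parts = re.split(r"\s{2,}", line, maxsplit=2)
        if section and len(parts) == 3:
            entries.append({"section": section, "name": parts[0],
                            "type": parts[1], "target": parts[2]})
    return header, entries


def triage(text):
    """Split detections into preinstalled-software items and items needing review."""
    header, entries = parse_scan_log(text)
    pre = [e for e in entries if e["section"] == "Preinstalled Software"]
    other = [e for e in entries if e["section"] != "Preinstalled Software"]
    declared = int(header.get("Detected", -1))
    return {"declared": declared, "parsed": len(entries),
            "consistent": declared == len(entries),
            "preinstalled": dict(Counter(e["name"] for e in pre)),
            "needs_review": other}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

An empty `needs_review` list together with `consistent` being true means the whole detected count is accounted for by preinstalled vendor software.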

#7
alan blueh0le

    Member

  • Topic Starter
  • 35 posts

Thanks so much for reviewing the logs. I'll experiment with the extensions today and report back to you what happens.


#8
DR M

    The Grecian Geek

  • Malware Removal
  • 4,422 posts

Thanks so much for reviewing the logs. I'll experiment with the extensions today and report back to you what happens.

 

Yes, it's not a malware-related issue, so investigating it starting with checking the extensions is a good decision.

