
Slow and Google One Pop Ups


  • This topic is locked
10 replies to this topic

#1 aramage

  • Authentic Member
  • 98 posts

Posted 07 September 2022 - 06:42 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by Andrew (administrator) on PC-DOWNSTAIRS (Dell Inc. XPS 8700) (07-09-2022 18:28:32)
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew
Platform: Microsoft Windows 10 Home Version 21H1 19043.1889 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe ->) (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ui\updateui.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Users\Andrew\AppData\Local\Amazon Drive\AmazonPhotos.exe ->) (Amazon.com Services LLC -> AmazonPhotosDesktop) C:\Users\Andrew\AppData\Local\Amazon Drive\Electron\Amazon Photos.exe <4>
(Dropbox, Inc -> ) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(explorer.exe ->) (Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\Andrew\AppData\Local\Amazon Drive\AmazonPhotos.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsload.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(SearchIndexer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (GoPro Media, Inc. -> ) C:\Program Files\GoPro\Fusion Studio 1.2\GoProFusionDeviceDetection.exe
(services.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Services Manager -> ) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-12] (GoPro, Inc. -> )
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [UpdateAdmin] => C:\Users\Andrew\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN (No File)
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [Amazon Photos] => C:\Users\Andrew\AppData\Local\Amazon Drive\AmazonPhotos.exe [10970792 2022-08-18] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [MicrosoftEdgeAutoLaunch_F1673E5ED4C265388CE34C24EEBD84A5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp170: C:\Windows\System32\spool\prtprocs\x64\hpcpp170.dll [610080 2014-06-17] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp175: C:\Windows\System32\spool\prtprocs\x64\hpcpp175.dll [617712 2014-11-20] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp180: C:\Windows\System32\spool\prtprocs\x64\hpcpp180.dll [647408 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [126704 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2014-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\HPMLM180: C:\WINDOWS\system32\hpmlm180.dll [309488 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-06-03] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NetScaler Gateway.lnk [2020-12-18]
ShortcutTarget: NetScaler Gateway.lnk -> C:\Program Files\Citrix\Secure Access Client\nsload.exe (Citrix Systems, Inc. -> Citrix Systems, Inc)
Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-06-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00404009-D7BB-4AF5-A381-DAEEC5D72A9C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0EA94499-304F-41AB-89EE-84F2303B6357} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {15A496E5-96B1-476D-92AC-780498F09901} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {15CC294B-3056-4805-A7EC-5AE0ABD38A4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-18] (Google LLC -> Google LLC)
Task: {216CC944-7763-4E79-89E9-0E8FF8341620} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {248C5E2E-1CFB-4D23-BBB2-D7F64955D779} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {3347228E-C394-4AFE-AA85-AA0B98CEF514} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {43228F50-698A-488B-8030-8B6BB1882375} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {46B67F2A-FAD5-4250-9697-A39B12665C05} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [690656 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FA7EC31-86FC-4EA6-83EA-87096D39C2A8} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [28923072 2016-09-12] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) <==== ATTENTION
Task: {525A151C-BFFC-4B5F-9113-F0CEE50C78D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53BADDCD-28CA-4F33-8826-6F2188F8B7A6} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /doScheduledScan (No File)
Task: {57286F15-2588-4CAC-BFA9-117DF1F6128F} - \WPD\SqmUpload_S-1-5-21-4210094547-1222425090-1366728247-1001 -> No File <==== ATTENTION
Task: {5CC4323C-4BF5-4153-A519-192F27F9E956} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62E6574A-55E7-4552-854C-BBF67289BEE8} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe (No File) <==== ATTENTION
Task: {6836C0EF-4C6C-4D01-AD55-E013DF2E1D61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A81C1D2-C4F7-41C7-8EAB-3FDF82902DB9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7A227889-D6B3-4FFB-B232-FCB294356CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7C9547FD-93A1-4802-80C0-BA0133A7EFC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-18] (Google LLC -> Google LLC)
Task: {80EEB6D5-AC53-4AD0-A64F-C1C2C3BEF836} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {8524BD3F-A9D5-483D-9E14-29B562AF6EDC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2019-03-19] (Garmin International, Inc. -> )
Task: {85FC84F4-0B93-4FBE-9528-79A24C58555C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D65079F-FF32-4994-AABE-EA516FD2046C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {98082658-E98D-46D2-9D9E-5E5D197A88C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {98C507EE-D460-4F5D-B3E1-C59C35C25E60} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9982E89C-9095-4E2F-A3DA-857A3F07E607} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C1D4450-D08D-4A54-9368-DC9580AF385A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A46CADF2-BBC9-46F7-B8EE-2258EA4FA722} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [28923072 2016-09-12] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) <==== ATTENTION
Task: {A4E89E72-7F0E-4EFB-8F1E-CBAAD962416C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
Task: {AF4A9B4D-3E08-44B4-8EBF-F20A208772F7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAD02952-D5D8-4B4C-92C8-C8219A6E4999} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {C436BE4F-9C2B-4031-92EF-AA963C847D65} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CBAAE2F5-D401-4DE1-962D-793318B85051} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D551B02D-717C-4D0A-AF83-E55D3D184A42} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D9073195-0144-488C-879F-100C7F1E824C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DEC55B40-CE8D-4AD3-B6E1-F39DA086C582} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EE38E9B7-8D73-48B6-BDBB-2A7CE2558617} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F255D1A4-505C-43DC-8A47-3FD5EC265EA9} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {F30A3CDC-5362-4722-AF5D-F55FA4850F18} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {FA9775B8-F4A1-426A-8FA6-60DBB5AE4842} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2022-06-21] (Dell Inc -> Dell Inc.)
Task: {FAB381EA-7EB8-4C3A-B42E-231026F6F8C4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.116
Tcpip\..\Interfaces\{3f3b97c2-85a3-4699-8b87-57a1f17bf68d}: [DhcpNameServer] 192.168.1.254 75.153.171.116
Tcpip\..\Interfaces\{594608cd-eadf-4a04-a0f2-5054ac193a5c}: [DhcpNameServer] 192.168.1.254 75.153.171.116
 
Edge: 
=======
DownloadDir: C:\Users\Andrew\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4210094547-1222425090-1366728247-1001 -> hxxp://www.google.com/
Edge Notifications: HKU\S-1-5-21-4210094547-1222425090-1366728247-1001 -> hxxps://chat.telus.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Andrew\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-07]
Edge DownloadDir: Default -> C:\Users\Andrew\Downloads
Edge Notifications: Default -> hxxps://chat.telus.com; hxxps://mail.google.com; hxxps://telus.techsee.me; hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxps://google.com/"
Edge Extension: (Google Docs Offline) - C:\Users\Andrew\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-07]
Edge Profile: C:\Users\Andrew\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-09-07]
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\PremierOpinion\firefox
FF Extension: (PremierOpinion) - C:\Program Files (x86)\PremierOpinion\firefox [2016-10-09] [Legacy] [not signed]
FF Plugin: @Citrix.com/npagee64,version=11.1.63.15 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll [2020-01-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Citrix.com/npagee,version=11.1.63.15 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll [2020-01-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrew\AppData\Roaming\mozilla\plugins\npagee.dll [2020-12-18]
FF Plugin ProgramFiles/Appdata: C:\Users\Andrew\AppData\Roaming\mozilla\plugins\npagee64.dll [2020-12-18]
 
Chrome: 
=======
CHR DefaultProfile: Profile 4
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-07]
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-09-07]
CHR Notifications: Profile 4 -> hxxps://alanxelsys.com; hxxps://mail.google.com
CHR Extension: (Google Docs Offline) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-07]
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-07]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [138448 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44448 2022-04-27] (Dell Inc -> )
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [134560 2022-02-19] (Dell Inc -> Dell)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-12] (GoPro, Inc. -> )
R2 GoProFusionDeviceDetectionService; C:\Program Files\GoPro\Fusion Studio 1.2\GoProFusionDeviceDetection.exe [41872 2018-05-31] (GoPro Media, Inc. -> )
R3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R2 nsverctl; C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [223656 2020-01-16] (Citrix Systems, Inc. -> Citrix Systems, Inc)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
S2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [208320 2017-05-24] (VoiceFive Networks, Inc. -> VoiceFive, Inc.) <==== ATTENTION
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [137056 2022-06-21] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 cag; C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [112616 2017-06-13] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R3 ctxva51; C:\WINDOWS\System32\drivers\ctxva51.sys [47720 2020-01-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [327976 2015-10-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [20504 2009-02-25] (Hewlett-Packard Company -> Hewlett Packard)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 MpKslaabb0a4c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B816348-6475-47E3-AF32-86C2B21F62FC}\MpKslDrv.sys [141576 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [138568 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2022-09-07] (SlimWare Utilities Inc. -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-09-07 17:45 - 2022-09-07 17:45 - 004058923 _____ C:\Users\Andrew\Downloads\Diagnostics_Logs-OLK-UTC.2022.9.7.23.45.34.931.zip
2022-08-30 08:49 - 2022-09-07 18:31 - 000032842 _____ C:\Users\Andrew\Desktop\FRST.txt
2022-08-30 08:48 - 2022-09-07 18:30 - 000000000 ____D C:\FRST
2022-08-30 08:47 - 2022-08-30 08:47 - 002371072 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64 (1).exe
2022-08-29 09:52 - 2022-08-29 09:52 - 000001228 _____ C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk
2022-08-29 09:52 - 2022-08-29 09:52 - 000000000 ____D C:\Users\Andrew\AppData\Local\Amazon Drive
2022-08-11 18:13 - 2022-08-11 18:13 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-11 18:13 - 2022-08-11 18:13 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-11 18:13 - 2022-08-11 18:13 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-11 18:12 - 2022-08-11 18:12 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-11 18:12 - 2022-08-11 18:12 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-11 18:11 - 2022-08-11 18:11 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-11 18:11 - 2022-08-11 18:11 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-11 18:11 - 2022-08-11 18:11 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-11 17:34 - 2022-08-11 17:34 - 000000000 ___HD C:\$WinREAgent
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-09-07 18:30 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-07 18:27 - 2015-06-07 13:48 - 000000000 ____D C:\Users\Andrew\Documents\Outlook Files
2022-09-07 17:56 - 2021-04-18 09:52 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-07 17:09 - 2018-03-14 18:38 - 000000000 ____D C:\Users\Andrew\AppData\Local\Packages
2022-09-07 17:02 - 2020-12-18 03:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-07 17:01 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-07 17:01 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-07 16:24 - 2021-09-11 21:49 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Amazon Cloud Drive
2022-09-07 16:23 - 2021-09-12 09:42 - 000001238 _____ C:\Users\Andrew\Desktop\Amazon Backup.lnk
2022-09-07 16:22 - 2016-10-08 17:20 - 000000448 _____ C:\WINDOWS\Tasks\DriverUpdate Startup.job
2022-09-07 16:20 - 2016-10-08 17:20 - 000013920 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2022-09-07 16:17 - 2020-12-18 04:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-07 16:17 - 2020-12-18 03:53 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-07 16:17 - 2017-08-23 00:46 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-07 16:16 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-07 16:01 - 2018-01-21 20:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-07 15:25 - 2022-03-13 16:28 - 000019023 _____ C:\Users\Andrew\Desktop\Patrol Order.xlsx
2022-09-06 18:13 - 2022-08-07 08:20 - 000013371 _____ C:\Users\Andrew\Desktop\2022 Ski Patrol Prospects.xlsx
2022-09-04 19:50 - 2020-06-17 22:16 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-04 19:50 - 2020-06-17 22:16 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-31 18:07 - 2019-04-02 21:36 - 000000000 ____D C:\Users\Andrew\AppData\Local\D3DSCache
2022-08-31 09:43 - 2021-12-11 22:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4210094547-1222425090-1366728247-1001
2022-08-31 09:43 - 2021-02-06 01:29 - 000002388 _____ C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-31 09:43 - 2020-12-18 04:21 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4210094547-1222425090-1366728247-1001
2022-08-29 16:38 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-29 14:51 - 2021-04-18 09:52 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-29 14:51 - 2021-04-18 09:52 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-27 10:59 - 2021-04-18 09:53 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-27 10:59 - 2021-04-18 09:53 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-27 10:52 - 2022-04-04 17:51 - 000000000 ____D C:\Program Files\dotnet
2022-08-27 10:52 - 2015-02-15 07:47 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-22 12:40 - 2022-07-07 08:31 - 000000000 ____D C:\Users\Andrew\Desktop\Cover Letters
2022-08-12 18:35 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-11 21:57 - 2022-06-27 08:30 - 000000000 ____D C:\Users\Andrew\Desktop\Job Search
2022-08-11 18:41 - 2020-12-18 04:15 - 000792758 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-11 18:41 - 2020-12-18 04:15 - 000151678 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-11 18:41 - 2020-12-18 04:11 - 001769438 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-11 18:41 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-11 18:36 - 2020-12-18 03:53 - 000549392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-11 18:33 - 2019-12-07 03:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-11 18:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-11 18:11 - 2020-12-18 03:56 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-11 17:33 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-11 17:31 - 2015-09-29 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-11 17:29 - 2015-02-15 07:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-08-11 17:25 - 2015-09-29 19:21 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-11 17:24 - 2020-12-18 04:00 - 000000000 ____D C:\Users\Andrew
2022-08-11 16:33 - 2021-11-07 11:39 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-11 16:33 - 2021-11-07 11:37 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-11 16:33 - 2021-11-07 11:37 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-08-11 16:27 - 2020-12-18 04:21 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-11 16:27 - 2020-12-18 04:21 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
 
==================== Files in the root of some directories ========
 
2015-11-24 19:56 - 2015-11-24 19:56 - 000000017 _____ () C:\Users\Andrew\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Andrew (07-09-2022 18:33:06)
Running from C:\Users\Andrew\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1889 (X64) (2020-12-18 10:22:38)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-4210094547-1222425090-1366728247-500 - Administrator - Disabled) => C:\Users\Administrator
Andrew (S-1-5-21-4210094547-1222425090-1366728247-1001 - Administrator - Enabled) => C:\Users\Andrew
DefaultAccount (S-1-5-21-4210094547-1222425090-1366728247-503 - Limited - Disabled)
Guest (S-1-5-21-4210094547-1222425090-1366728247-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4210094547-1222425090-1366728247-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4210094547-1222425090-1366728247-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{0EBC740B-4363-489B-8C27-98CE0740BA19}) (Version: 18.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Photos (HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Amazon Photos) (Version: 8.1.3 - Amazon.com, Inc.)
ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{79899C6B-E315-4A3F-8904-02DEAB8D660D}) (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (HKLM\...\{B6DF7031-2843-44FD-9CAB-DECAB4257456}) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (HKLM\...\{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}) (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CyberLink LabelPrint 2.5 (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3205.55 - CyberLink Corp.) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{4F8A3BC3-641C-4B0D-AF46-EA3354016EA7}) (Version: 3.11.4.29 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.3 - Dell Inc.)
DriverUpdate (HKLM-x32\...\{0088BAD5-E065-4A0F-B4A9-3DB6803D495B}) (Version: 2.7.0 - Slimware Utilities Holdings, Inc.) Hidden <==== ATTENTION
DriverUpdate (HKLM-x32\...\DriverUpdate) (Version: 2.7.0 - Slimware Utilities Holdings, Inc.) <==== ATTENTION
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.223.227 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{A05A8CFE-F458-4731-BD47-01C675E8944C}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{b347cf7c-d07d-417b-b26a-8d6a851f696d}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.102 - Google LLC)
GoPro (HKLM\...\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}) (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Fusion Studio 1.2 (HKLM\...\Fusion Studio 1.2) (Version: V1.2.1 - GoPro)
GoPro Studio (HKLM-x32\...\{99502BF0-655A-425D-8754-9EEC557D3D73}) (Version: 5.9.2733 - GoPro, Inc.) Hidden
GoPro VR Player 3.0 (HKLM\...\GoPro VR Player 3.0) (Version: V3.0.5 - GoPro)
Intel® Chipset Device Software (HKLM\...\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}) (Version: 10.0.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{0FE18988-DE59-46FB-9EE7-D40DA5E98FEA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{C2A1F9AE-5E6B-4021-B1BA-72711EC5E558}) (Version: 10.0.0.1168 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{3DE97849-544D-4D68-9255-11DF6F9F10D8}) (Version: 1.35.127.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM-x32\...\{df65a075-27e0-4afc-baea-ecaadef7b85c}) (Version: 6.0.8.31513 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.27 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.27 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
NetScaler Gateway Plug-in (HKLM\...\{DFC1D74E-A39C-4CC6-9ABD-EE3063285416}) (Version: 11.1.63.15 - Citrix Systems, Inc.)
NVIDIA Graphics Driver 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
searcharchiver (HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\searcharchiver) (Version: 1.0 - searcharchiver)
TurboTax 2014 (HKLM-x32\...\{0B69B187-4F9F-41C2-B850-735D1A323571}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2015 (HKLM-x32\...\{2A42456E-B15D-492F-B99A-53C5ABD77EC0}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2016 (HKLM-x32\...\{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2017 (HKLM-x32\...\{F06C8BF3-97D1-4C3C-B667-29DFB9AC5DAC}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2018 (HKLM-x32\...\{A44A24D7-CC5A-4C02-A702-F112B47089A9}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2020 (HKLM-x32\...\{678D19A3-4C38-484F-A389-CB9585E34984}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2021 (HKLM-x32\...\{A770770F-2313-48A2-A041-57368944D0FC}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2021 (HKLM-x32\...\{D600ACFE-A46E-48A5-B9B4-52DAE0C55DF0}) (Version: 1.00.0000 - Intuit Canada)
UpdateAdmin (HKLM-x32\...\{57FC95C5-B741-469C-8607-B39CEC423824}) (Version: 2.0.2103 - DownloadAdmin) <==== ATTENTION
UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
VFW_Codec32 (HKLM-x32\...\{4275850F-4E2E-4F60-9E73-8BD8F70891D3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{7010885D-3378-4C9B-B330-88271728EDE5}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9800 - Broadcom Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
ZipRarArchiver (HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\ZipRarArchiver) (Version: 1.0 - ZipRarArchiver)
Zoom (HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-18] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.225.300.0_x64__kgqvnymyfvs32 [2022-08-27] (king.com)
Cut Paste Photo Edit -> C:\Program Files\WindowsApps\22546Cidade.CutPastePhotoEdit_3.0.9.0_x64__cjt5542sbwgmj [2022-08-05] (Cidade)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2016-05-28] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.11.20.0_x64__htrsf667h5kn2 [2022-08-11] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-07-08] (Dolby Laboratories)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-30] (Flipboard)
Font Candy - Typography Photo Editor -> C:\Program Files\WindowsApps\EasyTigerApps.FontCandy_3.0.1.10_x64__dgwy3a3h02hc6 [2017-10-23] (EasyTigerApps) [MS Ad]
GoPro MAX Exporter -> C:\Program Files\WindowsApps\GoPro.GoProMAXExporter_1.9.4.0_x64__1h9vz9xjm6b8c [2020-08-09] (GoPro)
Halo -> C:\Program Files\WindowsApps\Microsoft.Tomp_1.0.4723.0_x64__8wekyb3d8bbwe [2017-05-23] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.414.0_x64__v10z8vjag6ke6 [2022-09-07] (HP Inc.)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-22] (AMZN Mobile LLC)
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.2201.0_x64__8wekyb3d8bbwe [2022-09-04] (Microsoft Studios)
Movie Edit Touch -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieEditTouch2_4.36.71.0_x64__awcgk3qbzve1y [2016-02-29] (MAGIX Software GmbH)
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
Photo Editor Live -> C:\Program Files\WindowsApps\22546Cidade.PhotoEditorLive_1.1.0.1_x86__cjt5542sbwgmj [2016-01-30] (Cidade) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation)
Recording Studio -> C:\Program Files\WindowsApps\60708Glauco.RecordingStudio_34.5.0.0_x64__7fjyrzpehcxhr [2017-06-12] (Glauco) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0 [2022-08-27] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-06-04] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-06-04] (SoftThinks -> )
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-07-12] (Nvidia Corporation -> NVIDIA Corporation)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1334784 2016-05-12] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-05-12] (CineForm Inc.) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2022-08-09 15:36 - 2022-08-09 15:36 - 002606592 _____ () [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\Electron\ffmpeg.dll
2022-08-09 15:36 - 2022-08-09 15:36 - 000373760 _____ () [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\Electron\libegl.dll
2022-08-09 15:36 - 2022-08-09 15:36 - 006282752 _____ () [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\Electron\libglesv2.dll
2022-08-09 15:36 - 2022-08-09 15:36 - 004108288 _____ () [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\Electron\vk_swiftshader.dll
2022-08-18 12:05 - 2022-08-18 12:05 - 000799744 _____ () [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\sqlite3.dll
2021-04-26 13:12 - 2021-04-26 13:12 - 000192000 _____ (Andrew Arnott) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Nerdbank.Streams.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000129024 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DiagsHelper.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000031744 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.AutoUpdateUtilities.dll
2022-06-21 15:40 - 2022-06-21 15:40 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DownloadManager.dll
2022-06-21 15:41 - 2022-06-21 15:41 - 000012800 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.DriverProcessor.dll
2022-06-21 15:43 - 2022-06-21 15:43 - 000012288 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Dell.SupportAssist.Client.WebServiceInfrastructure.dll
2019-03-19 15:27 - 2019-03-19 15:27 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2014-11-17 10:43 - 2014-11-17 10:43 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2014-11-17 10:43 - 2014-11-17 10:43 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2013-08-07 16:24 - 2013-08-07 16:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2013-08-07 16:24 - 2013-08-07 16:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2020-04-19 09:34 - 2020-04-19 09:34 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-19 09:34 - 2020-04-19 09:34 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-02-20 06:42 - 2022-02-20 06:42 - 004451328 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\NHibernate.dll
2022-08-18 12:05 - 2022-08-18 12:05 - 000125952 _____ (Robert Vazan) [File not signed] C:\Users\Andrew\AppData\Local\Amazon Drive\crc32c.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ca/
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4210094547-1222425090-1366728247-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4210094547-1222425090-1366728247-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-4210094547-1222425090-1366728247-1001 -> DefaultScope {83907E20-E373-4656-8B43-E566B348F1B3} URL = 
SearchScopes: HKU\S-1-5-21-4210094547-1222425090-1366728247-1001 -> {83907E20-E373-4656-8B43-E566B348F1B3} URL = 
SearchScopes: HKU\S-1-5-21-4210094547-1222425090-1366728247-500 -> DefaultScope {83907E20-E373-4656-8B43-E566B348F1B3} URL = 
SearchScopes: HKU\S-1-5-21-4210094547-1222425090-1366728247-500 -> {83907E20-E373-4656-8B43-E566B348F1B3} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: intu-tt2014 - {97BB39CB-9ABA-4513-81E7-1D6FDA0854B8} - C:\Program Files (x86)\TurboTax 2014\ic2014pp.dll [2014-11-22] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2015 - {5A676D6A-A3EF-4FAA-8DAC-F55CA235F67C} - C:\Program Files (x86)\TurboTax 2015\ic2015pp.dll [2015-11-23] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2016 - {D3619A28-0FAE-4AD2-A79F-BAD3CD6E8779} - C:\Program Files (x86)\TurboTax 2016\ic2016pp.dll [2016-11-23] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2017 - {1215626F-14CA-4AA9-AE16-F7CBD13A3F3F} - C:\Program Files (x86)\TurboTax 2017\ic2017pp.dll [2018-04-13] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2018 - {c10cb859-8e11-44f1-833b-68a8e1ed7e1d} - C:\Program Files (x86)\TurboTax 2018\ic2018pp.dll [2019-04-13] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2020 - {BA9B9DDA-C208-4938-90D6-0FAB2903CECE} - C:\Program Files (x86)\TurboTax 2020\ic2020pp.dll [2021-04-01] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2021 - {B60E21DC-FB86-424A-BAA3-54B06685E3E7} - C:\Program Files (x86)\TurboTax 2021\ic2021pp.dll [2022-05-16] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Dell\DW WLAN Card;;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-4210094547-1222425090-1366728247-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254 - 75.153.171.116
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
Network Binding:
=============
Wi-Fi: DNE LightWeight Filter -> dni_dne (enabled) 
Ethernet: DNE LightWeight Filter -> dni_dne (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BE473BE8-BE28-48E2-B649-85639625D85A}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{32F077BF-4480-47B1-981D-1599215BE505}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{5E55657C-AC5B-4C23-8F40-E3BA9344D119}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{25D6DE74-6D85-4FC2-9A30-F61869A1CD0C}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
FirewallRules: [{91E15B0D-3C84-4FC7-8147-52A7A048C200}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
FirewallRules: [{E6D7E9DE-4FCD-42EA-9CF8-E6F57173D743}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6527391A-1693-464A-BE37-1A7AABC333D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7699A53E-8783-404A-AA44-FC4481FC2BC6}] => (Allow) C:\Users\Andrew\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D085B1D-06C6-4FA9-832A-4C89635436D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFEA359B-4F71-4F73-A08F-BF89B04100E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{03D5F354-6B8B-498F-9E6F-C920B2BDECCB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{301A9A66-42E0-4ED6-AEB7-6F72088A3C51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BCC9E05-20DA-430F-B2F5-FC63714A5809}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2EE00620-FDBD-4B5C-BB80-B1CC32F7477B}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc)
FirewallRules: [{B74CC7D1-9BD5-468C-BA94-EA3260971B26}] => (Allow) C:\Program Files\Citrix\Secure Access Client\nsepa.exe (Citrix Systems, Inc. -> Citrix Systems, Inc)
FirewallRules: [TCP Query User{3D91FAA8-BFF0-462D-922F-B39FFA946F34}C:\program files\citrix\secure access client\nsload.exe] => (Allow) C:\program files\citrix\secure access client\nsload.exe (Citrix Systems, Inc. -> Citrix Systems, Inc)
FirewallRules: [UDP Query User{D25DE8BD-11D3-4046-8D27-5C148C75642B}C:\program files\citrix\secure access client\nsload.exe] => (Allow) C:\program files\citrix\secure access client\nsload.exe (Citrix Systems, Inc. -> Citrix Systems, Inc)
FirewallRules: [{B9683B4D-5448-4EC8-BEF0-5ECCE13B76CA}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe (GoPro, Inc. -> )
FirewallRules: [{CF54391A-81DF-4380-8C00-CB145BB46E49}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> )
FirewallRules: [{B1F4FCAD-48B0-4C05-80CF-8F5B6398BC2C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> )
FirewallRules: [{B4276212-6FBF-496A-95AC-4850EDC61050}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> )
FirewallRules: [{3F1084B2-8F3A-4C71-95EA-FD018413C275}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA431227-D6DD-4977-AAE8-F96C31B9E618}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0CD5FC83-15CF-456C-BA26-03E9DA17D3EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D07E85D6-D3BF-41F8-9BA6-61FE85662F63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48919F9B-7774-477A-B49A-E94BD19D1B38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9F289C9C-B06B-4642-AFF2-36FD16B1C2F9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{53D76B50-CAED-4E37-8F07-937986F923D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{07BBFD11-88EF-47FA-A392-58188DDE6BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83AE7935-5622-4C80-9C0B-4ED792012677}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{675EBD3E-E4E5-49E4-B597-8D84B4271F76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C25CCB2-C4E2-464B-9A3E-73502D62537F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90CE9FA7-65B7-4230-9067-EE91AA5901BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{92446534-E380-4062-8569-34C9D4EFA796}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95B6A903-7D07-433C-957C-853EA8A2F9C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83A5CCF9-4823-4D91-AD33-D3C7CB11F765}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.27\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
20-08-2022 19:18:01 Scheduled Checkpoint
29-08-2022 11:15:04 Scheduled Checkpoint
07-09-2022 09:39:16 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/07/2022 06:08:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 16.0.15427.20210 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 36d4
 
Start Time: 01d8c313d082c05f
 
Termination Time: 17
 
Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
 
Report Id: 98ffd6b4-06eb-483e-af3c-ecbf073a5633
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Unknown
 
Error: (09/07/2022 06:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: olcfg.exe, version: 16.0.14931.20008, time stamp: 0x61f906a9
Faulting module name: mso20win32client.dll, version: 0.0.0.0, time stamp: 0x62e04f6f
Exception code: 0xc0000005
Fault offset: 0x00018464
Faulting process id: 0x1f24
Faulting application start time: 0x01d8c31472543d50
Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\olcfg.exe
Faulting module path: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso20win32client.dll
Report Id: f13a98e6-c8cf-4301-aeb4-679fba24953a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/07/2022 04:22:54 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PC-DOWNSTAIRS)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).
 
Error: (09/07/2022 04:22:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PC-DOWNSTAIRS)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/07/2022 04:18:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC-Downstairs.local already in use; will try PC-Downstairs-2.local instead
 
Error: (09/07/2022 04:18:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 PC-Downstairs.local. Addr 192.168.1.68
 
Error: (09/07/2022 04:18:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.68:5353   16 PC-Downstairs.local. AAAA 2001:056A:7242:BF00:1D00:D36E:D2EE:EF60
 
Error: (09/07/2022 04:18:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 PC-Downstairs.local. AAAA FE80:0000:0000:0000:1D00:D36E:D2EE:EF60
 
 
System errors:
=============
Error: (09/07/2022 04:40:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Dell Data Vault Service API service depends on the Dell Data Vault Collector service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (09/07/2022 04:40:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Dell Data Vault Collector service depends on the Dell Data Vault Processor service which failed to start because of the following error: 
After starting, the service hung in a start-pending state.
 
Error: (09/07/2022 04:40:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Data Vault Processor service hung on starting.
 
Error: (09/07/2022 04:39:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Dell Data Vault Collector service depends on the Dell Data Vault Processor service which failed to start because of the following error: 
After starting, the service hung in a start-pending state.
 
Error: (09/07/2022 04:39:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Data Vault Processor service hung on starting.
 
Error: (09/07/2022 04:37:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.
 
Error: (09/07/2022 04:35:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (09/07/2022 04:29:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Client Management Service service hung on starting.
 
 
Windows Defender:
================
Date: 2022-09-07 17:35:58
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-08-30 08:43:31
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Andrew\Downloads\FRST (2).exe; webfile:_C:\Users\Andrew\Downloads\FRST (2).exe|https://download.ble...063442101913857
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.373.1238.0, AS: 1.373.1238.0, NIS: 1.373.1238.0
Engine Version: AM: 1.1.19500.2, NIS: 1.1.19500.2
 
Date: 2022-08-30 08:41:34
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Andrew\Downloads\FRST.exe; webfile:_C:\Users\Andrew\Downloads\FRST.exe|https://download.ble...063440927507831
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.373.1238.0, AS: 1.373.1238.0, NIS: 1.373.1238.0
Engine Version: AM: 1.1.19500.2, NIS: 1.1.19500.2
 
Date: 2022-08-30 08:40:51
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Andrew\Downloads\FRST.exe; webfile:_C:\Users\Andrew\Downloads\FRST.exe|https://download.ble...063440469052000
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.373.1238.0, AS: 1.373.1238.0, NIS: 1.373.1238.0
Engine Version: AM: 1.1.19500.2, NIS: 1.1.19500.2
 
Date: 2022-08-29 10:58:14
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2022-08-11 16:46:29
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.371.1607.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19400.3
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2022-08-11 16:40:28
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.371.1607.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19400.3
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2022-08-11 16:40:28
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.371.1607.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19400.3
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2022-06-20 14:31:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.367.1604.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19200.6
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2022-05-14 17:27:53
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.363.1710.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19200.5
Error code: 0x80070050
Error description: The file exists. 
 
CodeIntegrity:
===============
Date: 2022-09-07 17:32:59
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-08-30 08:57:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-06-06 20:09:01
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A09 11/22/2014
Motherboard: Dell Inc. 0KWVT8
Processor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 65%
Total physical RAM: 8143.21 MB
Available physical RAM: 2847.2 MB
Total Virtual: 9423.21 MB
Available Virtual: 1494.29 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.85 GB) (Free:680.08 GB) (Model: ST1000DM003-1ER162) NTFS
Drive e: (NIKON D'0S) (Removable) (Total:14.9 GB) (Free:14.63 GB) FAT32
 
\\?\Volume{c1624ffc-7223-4f5e-887d-35f6eb2cdb9e}\ (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.45 GB) NTFS
\\?\Volume{08595b09-0334-465b-82d0-fcf8aa0523be}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS
\\?\Volume{1ea10e6a-33f4-460a-9210-a9c519fe755d}\ (PBR Image) (Fixed) (Total:8.4 GB) (Free:0.73 GB) NTFS
\\?\Volume{26a57479-4395-45ec-bda0-b3917a7231b9}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5D302944)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 



#2 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 08 September 2022 - 07:58 AM

Hi and welcome

Go to the Control Panel / Add or Remove apps and try to uninstall the entry below:
UpdateAdmin (HKLM-x32\...\{57FC95C5-B741-469C-8607-B39CEC423824}) (Version: 2.0.2103 - DownloadAdmin) <==== ATTENTION

***
Start Farbar Recovery Scan Tool with Administrator privileges.
(Right-click on the FRST icon and select Run as administrator; just open it and let it wait.)

Highlight the text below and select Copy,
beginning with Start:: and finishing with End::

Start::
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [UpdateAdmin] => C:\Users\Andrew\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN (No File)
Task: {00404009-D7BB-4AF5-A381-DAEEC5D72A9C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {15A496E5-96B1-476D-92AC-780498F09901} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {43228F50-698A-488B-8030-8B6BB1882375} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4FA7EC31-86FC-4EA6-83EA-87096D39C2A8} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [28923072 2016-09-12] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) <==== ATTENTION
Task: {525A151C-BFFC-4B5F-9113-F0CEE50C78D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53BADDCD-28CA-4F33-8826-6F2188F8B7A6} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /doScheduledScan (No File)
Task: {57286F15-2588-4CAC-BFA9-117DF1F6128F} - \WPD\SqmUpload_S-1-5-21-4210094547-1222425090-1366728247-1001 -> No File <==== ATTENTION
Task: {62E6574A-55E7-4552-854C-BBF67289BEE8} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe (No File) <==== ATTENTION
Task: {6836C0EF-4C6C-4D01-AD55-E013DF2E1D61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7A227889-D6B3-4FFB-B232-FCB294356CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98082658-E98D-46D2-9D9E-5E5D197A88C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {98C507EE-D460-4F5D-B3E1-C59C35C25E60} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {BAD02952-D5D8-4B4C-92C8-C8219A6E4999} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {C436BE4F-9C2B-4031-92EF-AA963C847D65} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D551B02D-717C-4D0A-AF83-E55D3D184A42} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D9073195-0144-488C-879F-100C7F1E824C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DEC55B40-CE8D-4AD3-B6E1-F39DA086C582} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EE38E9B7-8D73-48B6-BDBB-2A7CE2558617} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
FirewallRules: [{BE473BE8-BE28-48E2-B649-85639625D85A}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{32F077BF-4480-47B1-981D-1599215BE505}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{25D6DE74-6D85-4FC2-9A30-F61869A1CD0C}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
FirewallRules: [{91E15B0D-3C84-4FC7-8147-52A7A048C200}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes AdwCleaner

-------------------

  • Please download AdwCleaner and save it to your Desktop
  • Close all open programs and browsers
  • Right click on the icon and select Run as administrator
  • Click Scan now
  • Allow the program to Quarantine what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
  • When completed click View Scan Log File
  • Copy and paste the contents in your reply
  • Click Skip Basic Repair if it appears then close the program

===================================================

Run Malwarebytes Anti-Malware

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:

  • run the program
  • click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
  • click on the ‘Scan’ tab, (directly below the Dashboard tab)
  • select the Threat Scan option
  • click the Scan Now button
  • Threat Scan will begin
  • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
  • if prompted to restart the computer, close all other programs and click Yes to restart your computer
  • once you are back at your desktop, open MBAM once more
  • click on the ‘Reports’ tab
  • double-click on the most recent Scan Report
  • click on Export, then Copy to Clipboard

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

Please post these 3 logs when finished.


Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17

#3 aramage


Posted 08 September 2022 - 10:58 AM

Good Morning Juliet,

 

As requested, below are the 4 logs as the Adware produced 2 logs:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Andrew (08-09-2022 08:50:33) Run:1
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew & Administrator
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\...\Run: [UpdateAdmin] => C:\Users\Andrew\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN (No File)
Task: {00404009-D7BB-4AF5-A381-DAEEC5D72A9C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {15A496E5-96B1-476D-92AC-780498F09901} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {43228F50-698A-488B-8030-8B6BB1882375} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4FA7EC31-86FC-4EA6-83EA-87096D39C2A8} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [28923072 2016-09-12] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) <==== ATTENTION
Task: {525A151C-BFFC-4B5F-9113-F0CEE50C78D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53BADDCD-28CA-4F33-8826-6F2188F8B7A6} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /doScheduledScan (No File)
Task: {57286F15-2588-4CAC-BFA9-117DF1F6128F} - \WPD\SqmUpload_S-1-5-21-4210094547-1222425090-1366728247-1001 -> No File <==== ATTENTION
Task: {62E6574A-55E7-4552-854C-BBF67289BEE8} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe (No File) <==== ATTENTION
Task: {6836C0EF-4C6C-4D01-AD55-E013DF2E1D61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7A227889-D6B3-4FFB-B232-FCB294356CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98082658-E98D-46D2-9D9E-5E5D197A88C3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {98C507EE-D460-4F5D-B3E1-C59C35C25E60} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {BAD02952-D5D8-4B4C-92C8-C8219A6E4999} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {C436BE4F-9C2B-4031-92EF-AA963C847D65} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D551B02D-717C-4D0A-AF83-E55D3D184A42} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D9073195-0144-488C-879F-100C7F1E824C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DEC55B40-CE8D-4AD3-B6E1-F39DA086C582} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EE38E9B7-8D73-48B6-BDBB-2A7CE2558617} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
FirewallRules: [{BE473BE8-BE28-48E2-B649-85639625D85A}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{32F077BF-4480-47B1-981D-1599215BE505}] => (Allow) C:\Users\Andrew\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{25D6DE74-6D85-4FC2-9A30-F61869A1CD0C}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
FirewallRules: [{91E15B0D-3C84-4FC7-8147-52A7A048C200}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => No File
C:\Windows\Temp\*.*
End::
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-4210094547-1222425090-1366728247-1001\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateAdmin" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00404009-D7BB-4AF5-A381-DAEEC5D72A9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00404009-D7BB-4AF5-A381-DAEEC5D72A9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15A496E5-96B1-476D-92AC-780498F09901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15A496E5-96B1-476D-92AC-780498F09901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43228F50-698A-488B-8030-8B6BB1882375}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43228F50-698A-488B-8030-8B6BB1882375}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FA7EC31-86FC-4EA6-83EA-87096D39C2A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FA7EC31-86FC-4EA6-83EA-87096D39C2A8}" => removed successfully
C:\WINDOWS\System32\Tasks\DriverUpdate Scan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Scan" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{525A151C-BFFC-4B5F-9113-F0CEE50C78D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{525A151C-BFFC-4B5F-9113-F0CEE50C78D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53BADDCD-28CA-4F33-8826-6F2188F8B7A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53BADDCD-28CA-4F33-8826-6F2188F8B7A6}" => removed successfully
C:\WINDOWS\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimCleaner Plus (Scheduled Scan - Andrew)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57286F15-2588-4CAC-BFA9-117DF1F6128F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57286F15-2588-4CAC-BFA9-117DF1F6128F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-4210094547-1222425090-1366728247-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62E6574A-55E7-4552-854C-BBF67289BEE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E6574A-55E7-4552-854C-BBF67289BEE8}" => removed successfully
C:\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6836C0EF-4C6C-4D01-AD55-E013DF2E1D61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6836C0EF-4C6C-4D01-AD55-E013DF2E1D61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A227889-D6B3-4FFB-B232-FCB294356CDD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A227889-D6B3-4FFB-B232-FCB294356CDD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98082658-E98D-46D2-9D9E-5E5D197A88C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98082658-E98D-46D2-9D9E-5E5D197A88C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98C507EE-D460-4F5D-B3E1-C59C35C25E60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C507EE-D460-4F5D-B3E1-C59C35C25E60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAD02952-D5D8-4B4C-92C8-C8219A6E4999}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAD02952-D5D8-4B4C-92C8-C8219A6E4999}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C436BE4F-9C2B-4031-92EF-AA963C847D65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C436BE4F-9C2B-4031-92EF-AA963C847D65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D551B02D-717C-4D0A-AF83-E55D3D184A42}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D551B02D-717C-4D0A-AF83-E55D3D184A42}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9073195-0144-488C-879F-100C7F1E824C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9073195-0144-488C-879F-100C7F1E824C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEC55B40-CE8D-4AD3-B6E1-F39DA086C582}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEC55B40-CE8D-4AD3-B6E1-F39DA086C582}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE38E9B7-8D73-48B6-BDBB-2A7CE2558617}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE38E9B7-8D73-48B6-BDBB-2A7CE2558617}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Shortcut argument removed successfully
C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Profile 2 - Edge.lnk => Shortcut argument removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE473BE8-BE28-48E2-B649-85639625D85A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32F077BF-4480-47B1-981D-1599215BE505}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25D6DE74-6D85-4FC2-9A30-F61869A1CD0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91E15B0D-3C84-4FC7-8147-52A7A048C200}" => removed successfully
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\AdobeARM_Helper.log => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20220907161802ED4).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(202209080850342EEC).log" => Scheduled to move on reboot.
C:\Windows\Temp\PC-DOWNSTAIRS-20220829-1606.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-0944.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-0953.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1001.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1003.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1012.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1017.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1024.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1051.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1119.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1136.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1141.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1159.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1233.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1652.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220831-1811.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220904-1932.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220904-1932a.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220904-2012.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220905-0904.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220905-0912.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220905-0958.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220905-1021.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220905-1852.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1230.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1231.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1231a.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1251.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1740.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1836.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1848.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220906-1900.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-0917.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-0917a.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-0938.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1523.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1618.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1658.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1733.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1758.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1818.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220907-1851.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220908-0843.log => moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220908-0845.log => moved successfully
Could not move "C:\Windows\Temp\PC-DOWNSTAIRS-20220908-0850.log" => Scheduled to move on reboot.
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-09-2022 09:56:22)
 
C:\Windows\Temp\officeclicktorun.exe_streamserver(202209080850342EEC).log => Is moved successfully
C:\Windows\Temp\PC-DOWNSTAIRS-20220908-0850.log => Is moved successfully
 
==== End of Fixlog 09:56:22 ====
 
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-08-22.1 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-08-2022
# Duration: 00:00:07
# OS:       Windows 10 Home
# Cleaned:  57
# Failed:   3
 
 
***** [ Services ] *****
 
Deleted       PremierOpinion
 
***** [ Folders ] *****
 
Deleted       C:\Program Files (x86)\DriverUpdate
Deleted       C:\Program Files (x86)\PremierOpinion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
Deleted       C:\Users\Andrew\AppData\Local\slimware utilities inc
Deleted       C:\Users\Public\Documents\Downloaded Installers
 
***** [ Files ] *****
 
Deleted       C:\Windows\SysWOW64\pmls.dl_
Deleted       C:\Windows\SysWOW64\pmls.dll
Deleted       C:\Windows\System32\PMLS64.DLL
Deleted       C:\Windows\System32\drivers\swdumon.sys
Deleted       C:\Windows\System32\pmls64.dl_
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
Deleted       C:\Windows\System32\Tasks\DRIVERUPDATE STARTUP
Deleted       C:\Windows\Tasks\DRIVERUPDATE SCAN.JOB
Deleted       C:\Windows\Tasks\DRIVERUPDATE STARTUP.JOB
Deleted       C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew).job
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestmovies2016.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ca.izitosearch.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izitosearch.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\protege-secure.csnpe-nslsc.canada.ca
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.csnpe-nslsc.canada.ca
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.metrolyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestmovies2016.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ca.izitosearch.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izitosearch.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.csnpe-nslsc.canada.ca
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.metrolyrics.com
Deleted       HKCU\Software\DownloadAdmin
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|UpdateAdmin
Deleted       HKCU\Software\SlimWare Utilities Inc
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A46CADF2-BBC9-46F7-B8EE-2258EA4FA722} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Startup
Deleted       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0088BAD5-E065-4A0F-B4A9-3DB6803D495B}|DisplayName
Deleted       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0088BAD5-E065-4A0F-B4A9-3DB6803D495B}|Publisher
Deleted       HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted       HKLM\Software\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
Deleted       HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate
Deleted       HKLM\System\Setup\FirstBoot\Services\PremierOpinion
Not Deleted   HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\protege-secure.csnpe-nslsc.canada.ca
Not Deleted   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate|DisplayName
Not Deleted   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate|Publisher
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [15140 octets] - [08/09/2022 10:06:40]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
 
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-08-22.1 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-08-2022
# Duration: 00:00:41
# OS:       Windows 10 Home
# Scanned:  32090
# Detected: 95
 
 
***** [ Services ] *****
 
Adware.PremierOpinion           PremierOpinion
 
***** [ Folders ] *****
 
Adware.PremierOpinion           C:\Program Files (x86)\PremierOpinion
Adware.PremierOpinion           C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
PUP.Optional.DriverUpdate       C:\Program Files (x86)\DriverUpdate
PUP.Optional.DriverUpdate       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus    C:\Users\Andrew\AppData\Local\slimware utilities inc
 
***** [ Files ] *****
 
Adware.Graftor                  C:\Windows\SysWOW64\pmls.dl_
Adware.Graftor                  C:\Windows\System32\PMLS64.DLL
Adware.Graftor                  C:\Windows\System32\pmls64.dl_
PUP.Optional.Legacy             C:\Windows\SysWOW64\pmls.dll
PUP.Optional.Legacy             C:\Windows\System32\drivers\swdumon.sys
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
PUP.Adware.Heuristic            C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Andrew).job
PUP.Optional.DriverUpdate       C:\Windows\System32\Tasks\DRIVERUPDATE STARTUP
PUP.Optional.DriverUpdate       C:\Windows\Tasks\DRIVERUPDATE SCAN.JOB
PUP.Optional.DriverUpdate       C:\Windows\Tasks\DRIVERUPDATE STARTUP.JOB
 
***** [ Registry ] *****
 
Adware.PremierOpinion           HKLM\System\Setup\FirstBoot\Services\PremierOpinion
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A46CADF2-BBC9-46F7-B8EE-2258EA4FA722} 
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Startup
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate|DisplayName
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate|Publisher
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0088BAD5-E065-4A0F-B4A9-3DB6803D495B}|DisplayName
PUP.Optional.DriverUpdate       HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0088BAD5-E065-4A0F-B4A9-3DB6803D495B}|Publisher
PUP.Optional.DriverUpdate       HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.DriverUpdate       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ca.izitosearch.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izitosearch.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ca.izitosearch.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izitosearch.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.azlyrics.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.metrolyrics.com
PUP.Optional.Legacy             HKCU\Software\DownloadAdmin
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|UpdateAdmin
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
PUP.Optional.MovieSearch        HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestmovies2016.com
PUP.Optional.MovieSearch        HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestmovies2016.com
PUP.Optional.SafeFinder         HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\protege-secure.csnpe-nslsc.canada.ca
PUP.Optional.SafeFinder         HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.csnpe-nslsc.canada.ca
PUP.Optional.SafeFinder         HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\protege-secure.csnpe-nslsc.canada.ca
PUP.Optional.SafeFinder         HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.csnpe-nslsc.canada.ca
PUP.Optional.SlimCleanerPlus    HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.CyberLinkLabelPrint   Folder   C:\Program Files (x86)\CYBERLINK\LABELPRINT 
Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} 
Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243} 
Preinstalled.CyberLinkShellExtension   Registry   HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} 
Preinstalled.DellCustomerConnect   Folder   C:\Program Files (x86)\DELL CUSTOMER CONNECT 
Preinstalled.DellCustomerConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70} 
Preinstalled.DellCustomerConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF} 
Preinstalled.DellDigitalDelivery   Folder   C:\Program Files (x86)\DELL DIGITAL DELIVERY 
Preinstalled.DellDigitalDelivery   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B} 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SUPPORTASSIST 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA9775B8-F4A1-426A-8FA6-60DBB5AE4842}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA9775B8-F4A1-426A-8FA6-60DBB5AE4842}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A62A2F03-3006-40CA-A3FA-C1086B2FEF5D} 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0} 
Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577} 
Preinstalled.LenovoPower2Go   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F255D1A4-505C-43DC-8A47-3FD5EC265EA9} 
Preinstalled.LenovoPower2Go   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} 
Preinstalled.LenovoPower2Go   Task   C:\Windows\System32\Tasks\CLVDLAUNCHER 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 9/8/22
Scan Time: 10:18 AM
Log File: cf44e6c8-2f91-11ed-b9c7-989096c483d6.json
 
-Software Information-
Version: 4.5.14.210
Components Version: 1.0.1751
Update Package Version: 1.0.59793
License: Trial
 
-System Information-
OS: Windows 10 (Build 19043.1889)
CPU: x64
File System: NTFS
User: PC-Downstairs\Andrew
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 358247
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 15 min, 15 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 1
PUP.Optional.OpinionSquare, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}, No Action By User, 3085, 241422, 1.0.59793, , ame, , , 
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 1
PUP.Optional.DriverUpdate, C:\WINDOWS\INSTALLER\193CB995.MSI, No Action By User, 3362, 533640, 1.0.59793, , ame, , 18C202666560BEFA49419B97A6A87B97, D7D2FAF44CD5791E1F955FFE22182CB63EC3DF6C14C62A766B7DFBFA488447D9
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)


#4 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 08 September 2022 - 03:27 PM

ESET Online Scanner

--------------------

Note: You can expect this process to take a long time, up to several hours or more.

  • Download ESET Free Online Scanner and save it to your Desktop
  • Right click on esetonlinescanner_enu.exe and select Run as administrator
  • Click Computer Scan
  • Click Full scan
  • Select Enable ESET to detect and quarantine potentially unwanted applications
  • Click Start scan
  • Once completed click Save scan log and save it to your Desktop as ESETScan.txt
  • Click Continue then finally click Close
  • Copy and paste the ESETScan.txt file contents in your reply

===================================================

 

After you run the above scan, paste the log and give me an update on how the computer is at the moment.


Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#5 aramage

Posted 09 September 2022 - 02:47 PM

Here are the results of the ESET Online scan:

 

2022-09-09 14:46:02 PM
Files scanned: 719673
Detected files: 16
Cleaned files: 16
Total scan time 19:11:52
Scan status: Finished
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\components\pmxg.dll#6D3CDC3B632BEF75 a variant of Win32/Adware.RK.AM application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\firefox\resources\dpjs\data\content.js#5ACC10C838635981 JS/Adware.RK.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\firefox\resources\dpjs\lib\main.js#D80A8417BB4CCA58 JS/Adware.RK.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\firefox\pmnx.dll#D957F8B3D3E5F9EB a variant of Win32/Adware.RK.AM application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmls.dll#5152AFCFC82AE3A6 a variant of Win32/Adware.RK.AM application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmls64.dll#F5A7A126D62DEE9E a variant of Win64/Adware.RK.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmph.dll#85DAB49EBA9860F2 Win32/Adware.RK.BH application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmropn32.exe#4DC7AA1E75A624E1 a variant of Win32/Adware.RK.AV application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmropn64.exe#26F6B9D96E18CFCF a variant of Win64/Adware.RK.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmservice.exe#3652B8A2E0291CBB a variant of Win32/Adware.RK.AU application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\10\PremierOpinion\pmxf.dll#D5B1C77BD7F8C85C a variant of Win32/Adware.RK.AT application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\14\pmls.dll#5152AFCFC82AE3A6 a variant of Win32/Adware.RK.AM application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\16\DriverUpdate\DriverUpdate.exe#6A63A13520C3DD4C a variant of Win32/UwS.SlimDrivers.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\19\PMLS64.DLL#F5A7A126D62DEE9E a variant of Win64/Adware.RK.A application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\20\pmls.dl_#940017850DC09EC8 a variant of Win32/Adware.RK.AM application cleaned by deleting
 
C:\AdwCleaner\Quarantine\v1\20220908.100906\21\pmls64.dl_#A3386B7C08443815 a variant of Win64/Adware.RK.A application cleaned by deleting


#6 Juliet

Posted 10 September 2022 - 07:21 AM

That went after a quarantine folder, update how the computer is at the moment.

#7 aramage

Posted 10 September 2022 - 09:44 AM

Good Morning.  Thanks for your assistance.  The computer is operating way better, and I believe the Google Pop-ups are gone.  When I reboot I do get some messages from McAfee anti-virus that they have quarantined some Trojan Horses.  However, I didn't realize that I even had McAfee loaded.



#8 Juliet

Posted 11 September 2022 - 07:48 AM

Good Morning.  Thanks for your assistance.  The computer is operating way better, and I believe the Google Pop-ups are gone.  When I reboot I do get some messages from McAfee anti-virus that they have quarantined some Trojan Horses.  However, I didn't realize that I even had McAfee

I think McAfee came preinstalled on the computer; most manufacturers do this. I think they might get some sort of kickback from it, who knows.
I did find a couple of entries we can get rid of, and it's my guess it's finding what Windows Defender and the ESET online scan did, which is a false positive that will be removed when we remove tools and quarantine folders.

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator, just open it and let it wait)

Highlight the text below and select Copy,
beginning with Start:: and finishing with End::
 

Start::
CloseProcesses:
CreateRestorePoint:
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
C:\WINDOWS\System32\drivers\mfeelamk.sys
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc)
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.



#9 aramage

Posted 11 September 2022 - 06:52 PM

Here are the scan results:
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Andrew (11-09-2022 18:21:18) Run:2
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
CreateRestorePoint:
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
C:\WINDOWS\System32\drivers\mfeelamk.sys
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc)
End::
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Services\mfeelamk => removed successfully
mfeelamk => service removed successfully
C:\WINDOWS\System32\drivers\mfeelamk.sys => moved successfully
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc) => Error: No automatic fix found for this entry.
 
 
The system needed a reboot.
 
==== End of Fixlog 18:24:48 ====


#10 Juliet

Posted 12 September 2022 - 07:12 AM

How's it going this morning? Ready to remove tools and quarantine folders?

#11 Juliet

Posted 18 September 2022 - 07:19 AM

Glad we could help.
Since this issue appears resolved ... this Topic is closed.
