EDIT: 1600+ views but no replies. Is something wrong with my post?
Cklenertz
Device name: Thunderbolt3
Processor: Intel® Core i5-8250U CPU @ 1.60GHz 1.80 GHz
Installed RAM: 8.00 GB (7.90 GB usable)
System type: 64-bit operating system, x64-based processor
Edition: Windows 10 Pro
Version: 22H2
Installed on: 6/10/2020
OS build: 19045.2486
Experience: Windows Feature Experience Pack 120.2212.4190.0
Good day,
Thank you in advance.
My laptop seems slow to respond to commands and very sluggish in pulling up web pages. It sometimes takes longer than I expect to start programs and often requires extra clicks (that could be a function of my impatience though).
I've run Malwarebytes and CCleaner.
FARBAR
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2023
Ran by cklen (administrator) on THUNDERBOLT3 (Dell Inc. Inspiron 5570) (05-02-2023 20:32:19)
Running from C:\Users\cklen\Downloads
Loaded Profiles: cklen
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <2>
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe <3>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft IntelliPoint\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe <7>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\cklen\AppData\Local\Temp\40469524-3B00-4A9E-A59E-F4528D4C7584\DismHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <36>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Rivet Networks) [File not signed] [File is in use] C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks, LLC.) [File not signed] C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (DELL) [File not signed] C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [291080 2022-12-14] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1376464 2022-12-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [Microsoft Edge Update] => C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateCore.exe [263592 2023-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-01-20] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\MountPoints2: {5e05cd51-1f14-11ec-b8ee-34e12d19ee9c} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-100669309-4210918950-839817777-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [581120 2022-08-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-17] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\HP 5512 Status Monitor: C:\WINDOWS\system32\hpinksts5512LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP 7112 Status Monitor: C:\WINDOWS\system32\hpinksts7112LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 6500 E710a-f): C:\WINDOWS\system32\HPDiscoPM5512.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC)
Startup: C:\Users\cklen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6500 E710a-f.lnk [2020-04-06]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet 6500 E710a-f.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN19O4343105JZ;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\cklen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-01-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2BE560BC-879A-4D45-B38E-11708DDFE990} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9ced8640-fc57-4320-b8c3-0d9ba2287a26" --version "6.08.10255" --silent
Task: {3BB8D02A-A4F3-4A2D-9399-5972460A876E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C1EBC0D-598B-44AD-A18A-114668E10BF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.)
Task: {4003DF42-A275-413C-BEA5-852342ADB006} - System32\Tasks\Mozilla\Firefox Background Update 9DED23DF4360B491 => c:\program files\mozilla firefox\firefox.exe [661408 2023-02-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\9DED23DF4360B491\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4A2FA011-28B0-4275-8F3B-F6409160EF74} - System32\Tasks\CCleanerSkipUAC - cklen => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {57BEB1AC-37D0-4170-865F-EF95C251727A} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2022-10-16] (Avast Software s.r.o. -> AVAST Software)
Task: {62B80156-68EB-44ED-AF1E-5FCA161E7826} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {64DC8186-1578-4516-AD76-420C3AE71E4D} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-100669309-4210918950-839817777-1001Core{AB77D1EA-56C9-428B-924B-387D3553FAB3} => C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205768 2022-08-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {67974E80-8E71-4ABF-B9DE-6E1521561C5A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [661408 2023-02-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6B38A9A0-1B1A-43D6-AAA7-4B910D0990B9} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {75174E4A-C576-455E-B9CF-5BCEDAAA4B03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.)
Task: {7D4F1AC3-D76F-415B-8A5F-B8FFED2DC3FF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9DED23DF4360B491 => C:\Program Files\mozilla firefox\default-browser-agent.exe [710560 2023-02-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {92E96972-4CF9-4EF0-952A-2B7A62D34503} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5E75B0D-DD2B-46C8-A9BB-C21564948B34} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {B8AB6F19-267B-479E-BC7A-47CD40322FA4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9227219-D468-4D0B-8F36-720060BC770F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D5F17695-0227-4BE3-B285-9D2BF4F85F65} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [87040 2022-07-28] (DELL) [File not signed]
Task: {DD3FE372-36B2-4288-B278-CE69B07044DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEF81C43-3CB2-4859-97EE-89B8AAB80D48} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [664928 2022-11-29] (Dell Inc -> Dell Inc.)
Task: {FDC13F6C-1F5E-4D36-AFB6-5AE9059C56E3} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2327952 2010-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE68171A-F68A-4F75-A0A7-1635C37450BE} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-100669309-4210918950-839817777-1001UA{513947DF-5022-452C-BFCE-4FB02CEE89F9} => C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205768 2022-08-29] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447fe6e6-f366-4a04-9827-4e7e8cf5860c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{78b6acd5-2f52-455f-94b6-dcd2f0f9b4b8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b4aeaaf4-9354-4321-adda-60ae2197bb9a}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> EdgeExtension_HoneyScienceCorporationHoney_cbe4c63gm1mzr => C:\Program Files\WindowsApps\HoneyScienceCorporation.Honey_11.4.2.0_neutral__cbe4c63gm1mzr [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cklen\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-30]
Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\cklen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2022-11-19]
Edge Extension: (FantasyPros: Win your Fantasy League) - C:\Users\cklen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-10-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: bllf8xka.default
FF ProfilePath: C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release [2023-02-05]
FF Homepage: Mozilla\Firefox\Profiles\c9qnuyvk.default-release -> hxxps://www.wwdb.com
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\@windscribeff.xpi [2022-11-06]
FF Extension: (Avast AntiTrack Premium) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\antitrack@avast.com.xpi [2022-11-06]
FF Extension: (Honey) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2022-11-06]
FF Extension: (To Google Translate) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-11-06]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-11-06]
FF Extension: (Firefox Relay) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\private-relay@firefox.com.xpi [2022-11-14]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-11-06]
FF Extension: (FantasyPros: Win your Fantasy League) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\{512b44b5-40a9-4593-b9fd-b29e4e1ab7c8}.xpi [2022-11-06]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2022-11-06]
FF Extension: (Capital One Shopping: Online Coupon Tool) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\c9qnuyvk.default-release\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2022-11-17]
FF ProfilePath: C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default [2023-02-05]
FF Homepage: Mozilla\Firefox\Profiles\bllf8xka.default -> hxxps://www.wwdb.com
FF NetworkProxy: Mozilla\Firefox\Profiles\bllf8xka.default -> type", 4
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\@windscribeff.xpi [2022-10-28]
FF Extension: (Avast AntiTrack Premium) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\antitrack@avast.com.xpi [2020-05-11] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/antitrack/update.json]
FF Extension: (CNET Shopping) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2023-02-05]
FF Extension: (Honey) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2021-06-24]
FF Extension: (To Google Translate) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-08-29]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-01-18]
FF Extension: (Firefox Relay) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\private-relay@firefox.com.xpi [2022-12-11]
FF Extension: (Avast Online Security & Privacy) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\wrc@avast.com.xpi [2022-12-03]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-12-17]
FF Extension: (FantasyPros: Win your Fantasy League) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\{512b44b5-40a9-4593-b9fd-b29e4e1ab7c8}.xpi [2022-12-17]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2022-02-13]
FF Extension: (Capital One Shopping: Online Coupon Tool) - C:\Users\cklen\AppData\Roaming\Mozilla\Firefox\Profiles\bllf8xka.default\Extensions\{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2022-12-05]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default [2022-12-17]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-12-11]
CHR Extension: (Tampermonkey) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-12-11]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2019-09-05]
CHR Extension: (Adobe Acrobat) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-27]
CHR Extension: (FantasyPros: Win your Fantasy League) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-12-11]
CHR Extension: (Google Docs Offline) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-29]
CHR Extension: (Avast AntiTrack Premium) - C:\Users\cklen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold [2022-12-11]
CHR HKU\S-1-5-21-100669309-4210918950-839817777-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-100669309-4210918950-839817777-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2022-10-16] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69328 2022-12-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [317352 2022-06-20] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2022-10-26] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{7FB01EEE-9E19-47EE-8302-F7A11DBBBCCA} [21312 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42248 2022-12-14] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [207624 2022-12-14] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8966256 2023-02-05] (Malwarebytes Inc. -> Malwarebytes)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-01-30] (Logitech Inc -> Logitech, Inc.)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed]
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [56832 2022-07-28] (Rivet Networks, LLC.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1623552 2022-07-28] (Rivet Networks) [File not signed]
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2381824 2022-07-28] (Rivet Networks) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1337216 2022-03-09] (Windscribe Limited -> Windscribe Limited)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198088 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-02-05] (Malwarebytes Inc. -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2022-10-16] (Avast Software s.r.o. -> Windows ® Win 7 DDK provider)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ScrHIDDriver3; C:\WINDOWS\System32\drivers\ScrHIDDriver3.sys [63296 2021-10-01] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [167080 2022-07-28] (Intel Corporation -> Rivet Networks, LLC.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2022-03-09] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2020-09-10] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2022-03-09] (Windscribe Limited -> )
R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2022-03-09] (Windscribe Limited -> WireGuard LLC)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-12-26] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-05 20:35 - 2023-02-05 20:35 - 000000000 ____D C:\Users\cklen\AppData\LocalLow\IGDump
2023-02-05 20:32 - 2023-02-05 20:35 - 000040645 _____ C:\Users\cklen\Downloads\FRST.txt
2023-02-05 20:31 - 2023-02-05 20:33 - 000000000 ____D C:\FRST
2023-02-05 20:30 - 2023-02-05 20:30 - 002376704 _____ (Farbar) C:\Users\cklen\Downloads\FRST64.exe
2023-02-05 16:00 - 2023-02-05 16:00 - 000001493 _____ C:\Users\Public\Desktop\iTube Studio.lnk
2023-02-05 16:00 - 2023-02-05 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTube Studio
2023-02-05 16:00 - 2023-02-05 16:00 - 000000000 ____D C:\Program Files (x86)\Aimersoft
2023-02-05 15:45 - 2023-02-05 15:45 - 001003640 _____ C:\Users\cklen\Downloads\itube-studio_setup_full1169.exe
2023-02-05 14:43 - 2023-02-05 14:43 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-02-05 13:35 - 2023-02-05 13:35 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-100669309-4210918950-839817777-1001
2023-02-05 13:35 - 2023-02-05 13:35 - 000002381 _____ C:\Users\cklen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-30 21:49 - 2023-01-30 21:49 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2023-01-30 21:49 - 2023-01-30 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-01-30 21:49 - 2023-01-30 21:49 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2023-01-24 20:17 - 2023-01-24 20:17 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-24 20:17 - 2023-01-24 20:17 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-24 20:17 - 2023-01-24 20:17 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-18 21:03 - 2023-01-19 00:51 - 000290780 _____ C:\Users\cklen\Downloads\SAS VA Data.xlsx
2023-01-18 20:50 - 2023-01-19 00:52 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-18 20:50 - 2023-01-18 20:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-18 20:50 - 2023-01-18 20:50 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-18 20:43 - 2023-01-18 20:43 - 000000000 ___HD C:\$WinREAgent
2023-01-17 23:41 - 2021-07-09 20:37 - 000257096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-01-17 23:41 - 2021-07-09 20:36 - 000173096 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-01-17 23:41 - 2021-07-09 20:36 - 000148384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-01-14 18:23 - 2023-01-14 18:23 - 000002236 _____ C:\Users\guest_7d4yiua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2023-01-14 18:23 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Roaming\Mozilla
2023-01-14 18:23 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\LocalLow\Mozilla
2023-01-14 18:23 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Mozilla
2023-01-14 18:23 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Aimersoft
2023-01-14 18:22 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Packages
2023-01-14 18:22 - 2023-01-14 18:23 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\LogiOptionsPlus
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 __SHD C:\Users\guest_7d4yiua\IntelGraphicsProfiles
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ___RD C:\Users\guest_7d4yiua\3D Objects
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Roaming\Intel
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Roaming\Adobe
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\LocalLow\Intel
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\VirtualStore
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Publishers
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Google
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\ConnectedDevicesPlatform
2023-01-14 18:22 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Comms
2023-01-14 18:21 - 2023-01-17 19:31 - 000001909 _____ C:\Users\guest_7d4yiua\Desktop\Google Slides.lnk
2023-01-14 18:21 - 2023-01-17 19:31 - 000001909 _____ C:\Users\guest_7d4yiua\Desktop\Google Sheets.lnk
2023-01-14 18:21 - 2023-01-17 19:31 - 000001897 _____ C:\Users\guest_7d4yiua\Desktop\Google Docs.lnk
2023-01-14 18:21 - 2023-01-14 18:22 - 000000000 ____D C:\Users\guest_7d4yiua
2023-01-14 18:21 - 2023-01-14 18:21 - 000000020 ___SH C:\Users\guest_7d4yiua\ntuser.ini
2023-01-14 18:21 - 2022-03-19 19:28 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\Dell
2023-01-14 18:21 - 2019-02-26 22:16 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Roaming\Waves Audio
2023-01-14 18:21 - 2019-01-27 22:20 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Local\D3DSCache
2023-01-14 18:21 - 2018-11-27 00:17 - 000000000 ____D C:\Users\guest_7d4yiua\AppData\Roaming\Intel Corporation
2023-01-14 18:07 - 2023-01-14 18:07 - 000682016 _____ (Dell Inc.) C:\Users\cklen\Downloads\SupportAssistLauncher.exe
2023-01-14 18:03 - 2023-01-14 18:03 - 063511848 _____ (Dell Inc.) C:\Users\cklen\Downloads\intel-3165-and-7265-wi-fi-driver_236gy_win_21.110.2.1_a12_03.exe
2023-01-14 17:56 - 2022-12-20 18:26 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-01-14 17:56 - 2022-12-20 18:26 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-01-14 17:56 - 2022-12-20 18:26 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-01-14 17:56 - 2022-12-20 18:26 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-01-10 18:14 - 2023-01-10 18:14 - 000000000 ____D C:\Users\cklen\AppData\LocalLow\BitTorrent.WebView2
2023-01-10 18:13 - 2023-01-11 00:15 - 000000000 ____D C:\Users\cklen\AppData\Roaming\bittorrent
2023-01-10 18:13 - 2023-01-10 18:13 - 000000922 _____ C:\Users\cklen\Desktop\BitTorrent.lnk
2023-01-10 18:13 - 2023-01-10 18:13 - 000000902 _____ C:\Users\cklen\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2023-01-10 18:11 - 2023-01-10 18:11 - 020775640 _____ (Rainberry, Inc.) C:\Users\cklen\Downloads\bittorrent_installer.exe
2023-01-10 18:11 - 2023-01-10 18:11 - 000000000 ____D C:\Users\cklen\AppData\Local\Adaware
2023-01-10 11:25 - 2023-01-10 11:25 - 002748595 _____ C:\Users\cklen\Downloads\10093355.pdf
2023-01-10 11:25 - 2023-01-10 11:25 - 001682553 ____R C:\Users\cklen\Downloads\07871141.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-05 20:34 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-05 20:34 - 2018-12-02 18:52 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-05 20:31 - 2021-12-18 15:09 - 000000000 ____D C:\Users\cklen\AppData\Roaming\CyberGhost
2023-02-05 20:23 - 2018-11-28 21:07 - 000000000 ____D C:\Users\cklen\AppData\LocalLow\Mozilla
2023-02-05 19:36 - 2022-12-04 11:16 - 000000000 ____D C:\Users\cklen\AppData\Local\LogiOptionsPlus
2023-02-05 19:35 - 2020-06-10 20:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-05 18:32 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-05 17:34 - 2018-12-02 20:13 - 000000000 ___RD C:\Users\cklen\Google Drive
2023-02-05 16:57 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-05 16:55 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-05 16:47 - 2022-10-31 16:01 - 000000000 ____D C:\ProgramData\iTube Studio
2023-02-05 16:26 - 2023-01-03 22:31 - 000000000 ____D C:\iTube Studio Recorded
2023-02-05 16:09 - 2022-12-31 14:30 - 000000000 ____D C:\iTube Studio Downloaded
2023-02-05 16:02 - 2022-10-31 16:03 - 000000000 ____D C:\Users\cklen\AppData\Roaming\iTube Studio
2023-02-05 16:00 - 2022-10-31 16:01 - 000000000 ____D C:\Users\Public\Documents\Aimersoft
2023-02-05 14:52 - 2020-07-27 11:47 - 000000000 ____D C:\Users\cklen\AppData\Local\Spotify
2023-02-05 14:52 - 2020-07-27 11:46 - 000000000 ____D C:\Users\cklen\AppData\Roaming\Spotify
2023-02-05 13:47 - 2018-11-26 17:44 - 000000000 ____D C:\Users\cklen\AppData\Local\Packages
2023-02-05 13:36 - 2022-02-13 12:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-05 13:36 - 2020-07-03 21:36 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-05 13:36 - 2020-07-03 21:36 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-02-05 13:35 - 2021-12-12 14:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-100669309-4210918950-839817777-1001
2023-02-05 13:35 - 2020-06-10 20:51 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-05 13:34 - 2019-03-20 16:20 - 000000000 ____D C:\Program Files\CCleaner
2023-02-05 13:33 - 2022-12-03 20:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-05 13:33 - 2022-10-28 11:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-05 13:33 - 2018-11-28 21:07 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-05 13:33 - 2018-11-28 21:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-05 13:32 - 2019-12-21 00:33 - 000000000 ____D C:\Users\cklen\AppData\Local\AvastAntiTrackPremium
2023-02-05 13:31 - 2020-06-10 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-05 13:31 - 2020-06-10 20:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-05 13:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-05 13:31 - 2018-11-26 17:44 - 000000000 __SHD C:\Users\cklen\IntelGraphicsProfiles
2023-02-05 13:31 - 2018-07-29 15:18 - 000000000 ____D C:\Intel
2023-01-31 23:00 - 2019-12-07 01:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-01-31 22:59 - 2020-06-10 19:04 - 000000000 ____D C:\Users\cklen
2023-01-31 22:57 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-31 22:45 - 2019-09-14 13:56 - 000000000 ____D C:\Users\cklen\AppData\Roaming\vlc
2023-01-31 21:39 - 2018-11-26 23:58 - 000000000 ____D C:\Users\cklen\AppData\Local\CrashDumps
2023-01-31 18:50 - 2018-11-30 13:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-01-30 21:49 - 2022-12-04 11:14 - 000000000 ____D C:\ProgramData\LogiOptionsPlus
2023-01-30 21:48 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Registration
2023-01-30 12:48 - 2018-12-04 19:50 - 000000000 ____D C:\Users\cklen\AppData\Local\D3DSCache
2023-01-26 22:06 - 2021-02-20 23:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-26 21:38 - 2018-11-26 17:46 - 000000000 ____D C:\Users\cklen\AppData\Local\PlaceholderTileLogoFolder
2023-01-26 21:19 - 2019-03-20 19:48 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-26 21:19 - 2019-03-20 19:48 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-19 00:52 - 2020-06-28 13:16 - 000450840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-19 00:51 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-19 00:51 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-19 00:51 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-19 00:51 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-18 20:49 - 2020-06-10 20:48 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-17 23:41 - 2018-07-29 15:16 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-17 23:40 - 2022-04-03 17:24 - 000000000 ____D C:\Program Files\dotnet
2023-01-17 22:10 - 2018-11-26 23:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-17 22:07 - 2018-11-26 23:53 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-17 19:35 - 2018-12-02 23:06 - 000000000 ____D C:\Users\cklen\AppData\LocalLow\Temp
2023-01-17 19:31 - 2021-09-08 07:49 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-01-17 19:31 - 2021-09-08 07:49 - 000001909 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-01-17 19:31 - 2021-09-08 07:49 - 000001909 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-01-17 19:31 - 2021-09-08 07:49 - 000001897 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-01-17 19:31 - 2018-12-02 20:13 - 000001873 _____ C:\Users\cklen\Desktop\Google Drive.lnk
2023-01-14 18:22 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-01-14 18:22 - 2018-07-29 15:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-11 00:19 - 2021-01-25 10:21 - 000000000 ____D C:\Users\cklen\AppData\Local\CyberGhost
2023-01-11 00:15 - 2022-02-14 21:51 - 000000000 ____D C:\Users\cklen\AppData\Roaming\uTorrent
2023-01-09 15:44 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-01-07 17:46 - 2019-09-12 19:40 - 000000000 ____D C:\Users\cklen\AppData\Roaming\IrfanView
2023-01-07 17:27 - 2019-12-07 01:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-01-07 16:41 - 2020-07-03 21:36 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-07 16:41 - 2020-07-03 21:36 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Files in the root of some directories ========
2020-03-31 21:45 - 2020-12-06 20:36 - 000010752 _____ () C:\Users\cklen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2023
Ran by cklen (05-02-2023 20:36:40)
Running from C:\Users\cklen\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) (2020-06-11 04:51:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-100669309-4210918950-839817777-500 - Administrator - Disabled)
cklen (S-1-5-21-100669309-4210918950-839817777-1001 - Administrator - Enabled) => C:\Users\cklen
DefaultAccount (S-1-5-21-100669309-4210918950-839817777-503 - Limited - Disabled)
Guest (S-1-5-21-100669309-4210918950-839817777-501 - Limited - Disabled)
guest_7d4yiua (S-1-5-21-100669309-4210918950-839817777-1003 - Limited - Enabled) => C:\Users\guest_7d4yiua
piama (S-1-5-21-100669309-4210918950-839817777-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-100669309-4210918950-839817777-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\uTorrent) (Version: 3.6.0.46590 - BitTorrent Inc.)
4K Video Downloader (HKLM\...\{9A0CB9F2-12E4-4490-B052-116E9BDC6877}) (Version: 4.23.0.5200 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{d55ed44a-3c07-4e21-a240-403760631582}) (Version: 4.21.0.4940 - Open Media LLC)
64DriverInstall (HKLM-x32\...\{9E8EC8C1-B470-4AA5-BC7F-B2C63C2967E1}) (Version: 1.00.0000 - CMS Products)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.3.983.1074 - Avast Software)
BitTorrent (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\BitTorrent) (Version: 7.11.0.46591 - BitTorrent Inc.)
By Click Downloader (HKLM-x32\...\{7E517166-86A0-4B35-9386-8562BDBADAA6}) (Version: 2.3.32 - ByClick) Hidden
By Click Downloader (HKLM-x32\...\By Click Downloader 2.3.32) (Version: 2.3.32 - ByClick)
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
CyberGhost 8 (HKLM\...\CyberGhost 8) (Version: 8.3.1.8249 - CyberGhost S.A.)
CyberGhost TUN (HKLM\...\{677232D6-72D6-4821-8CB5-47969B15D4DF}) (Version: 1.0 - CyberGhost S.R.L.) Hidden
Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{17556F90-3FF4-41B6-925D-F23DFDB3D4FC}) (Version: 3.11.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{B5DCDCBD-BBB3-4A09-A496-E2FB05EC56CE}) (Version: 3.13.0.236 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{BCAEB4A4-3805-4C05-A63F-98F7891EE533}) (Version: 5.5.5.16206 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{605c9341-3a21-429f-87f0-bfa9c26f885e}) (Version: 5.5.5.16206 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{E5C8AC27-6F8A-4D9C-A239-8673A6CA9570}) (Version: 4.7.1 - Dell Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 69.0.0.0 - Google LLC)
HP Officejet 6500 E710a-f Basic Device Software (HKLM\...\{22FCD3B0-CAA7-444A-84AC-75716545EAB9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Help (HKLM-x32\...\{037CD593-D760-4A00-B030-7BBAFA1123FE}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6500 E710a-f Product Improvement Study (HKLM\...\{8F3591D0-074B-4F7B-A269-39FE61C9CB5C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Driver && Support Assistant (HKLM-x32\...\{E4EC6B50-5A65-41DD-AC35-E1839BF685E8}) (Version: 22.8.50.7 - Intel) Hidden
Intel® Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{b67002e1-a877-4be9-af96-6f8867bc5b12}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d8ebe554-4504-4ade-ada9-8617c4525581}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1A9FE6B4-801A-4AF0-AEDB-EA49BD80C9F2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2205.15.0.2623 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{B7F27296-F1AE-46BB-8BD7-5E0EED0EA1AC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{9EB5F95A-335A-414D-BECE-BA2CE114A856}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000180-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ff7ef6db-5d66-4ebe-827f-09d6cea8ee1e}) (Version: 22.8.50.7 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{5815d801-d03c-4911-a46b-75a331ad7265}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{bbc40478-54e7-4914-965f-de8043a2ed0e}) (Version: 22.100.0.3 - Intel Corporation) Hidden
IrfanView 4.58 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.58 - Irfan Skiljan)
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
iTube Studio(Build 7.4.10.1) (HKLM-x32\...\iTube Studio_is1) (Version: 7.4.10.1 - iTube Studio)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.6.0.1 - EditShare)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.32.363144 - Logitech)
Malwarebytes version 4.5.21.231 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.21.231 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.13 (x64) (HKLM\...\{9511601E-12FF-4972-BF9C-2992F2CA5A32}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.13 (x64) (HKLM\...\{8CDACE3C-0064-4A17-A02C-49F831D5F73A}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM-x32\...\{ac916c06-1c22-495e-ae7e-b4e24fbbed14}) (Version: 6.0.13.31930 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{6ACED991-1E65-4D16-8F6A-1AA1A0B97596}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{7465FCB9-1918-4438-9337-47BAF1902684}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 109.0.1 (x64 en-US)) (Version: 109.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Pulse Secure Setup Client (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Pulse_Setup_Client) (Version: 9.0.6.1971 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Terminal Services Client (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Pulse_Term_Services) (Version: 9.0.6.64143 - Pulse Secure, LLC)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SFV Checker (HKLM-x32\...\{C9736F27-3CFC-4AF9-B2A7-5B1A54B1A84F}) (Version: - )
Skype version 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{19A754FE-0343-4311-835F-33EAB7ADEA7B}) (Version: 3.1122.728.7 - Rivet Networks)
Spotify (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\Spotify) (Version: 1.1.38.558.g4b100958 - Spotify AB)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Video Download Capture version 6.4.6 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - CMS Products, Inc. (CaptainEncrypto) DiskDrive (03/18/2010 ) (HKLM\...\08FAE3B8D16FD45FB8C652AADB07686DCC87C225) (Version: 03/18/2010 - CMS Products, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.3 Build 16 - Windscribe Limited)
Zoom (HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Packages:
=========
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2023-02-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2022-12-03] (Dell Inc)
Dell Help & Support -> C:\Program Files\WindowsApps\DellInc.DellHelpSupport_3.3.5.0_x64__htrsf667h5kn2 [2018-07-29] (Dell Inc)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.11.30.0_x64__htrsf667h5kn2 [2022-12-17] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.5.4.0_x64__htrsf667h5kn2 [2018-07-29] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.5.0_x64__htrsf667h5kn2 [2022-12-11] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.7.5.0_x86__htrsf667h5kn2 [2022-12-17] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.345.0_x64__rz1tebttyb220 [2023-01-26] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2022.4.2.0_x64__t5j2fzbtdg37r [2022-12-19] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_142.3.139.0_x64__v10z8vjag6ke6 [2023-01-26] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-05] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-02-05] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2023-02-05] (LinkedIn)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-28] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-08] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-24] (Netflix, Inc.)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2019-11-21] (Pandora Media Inc) [Startup Task]
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-21] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-11-30] (CYBERLINK CORPORATION.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-01-29] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2022-12-17] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-02-05] (Microsoft Studios) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2023-02-05] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-100669309-4210918950-839817777-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\cklen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [SFVChecker] -> {51131DA7-1D24-40e5-AE07-5E3750F5DE3C} => C:\Program Files (x86)\Traction Software\SFV Checker\SFVContextMenuExt.dll [2009-07-14] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-10] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ContextMenuHandlers4-x32: [SFVChecker] -> {51131DA7-1D24-40e5-AE07-5E3750F5DE3C} => C:\Program Files (x86)\Traction Software\SFV Checker\SFVContextMenuExt.dll [2009-07-14] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\69.0.0.0\drivefsext.dll [2023-01-17] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-10] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6-x32: [SFVChecker] -> {51131DA7-1D24-40e5-AE07-5E3750F5DE3C} => C:\Program Files (x86)\Traction Software\SFV Checker\SFVContextMenuExt.dll [2009-07-14] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\cklen\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
==================== Loaded Modules (Whitelisted) =============
2022-10-31 16:02 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2022-10-31 16:02 - 2016-10-08 16:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2022-06-28 13:26 - 2022-06-28 13:26 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2022-11-14 22:02 - 2022-07-15 06:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-01-14 17:58 - 2023-01-14 17:58 - 041745408 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.dll
2018-11-30 13:56 - 2018-11-30 13:56 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2020-04-18 16:59 - 2020-04-18 16:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2018-11-30 15:36 - 2018-11-30 15:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2018-11-30 13:56 - 2018-11-30 13:56 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Client\C2R32.dll
2020-04-18 16:59 - 2020-04-18 16:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2018-11-30 15:36 - 2018-11-30 15:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\C2R64.dll
2018-11-30 15:32 - 2018-11-30 15:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2018-03-08 06:18 - 2018-03-08 06:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 19:57 - 2020-11-11 19:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2018-02-06 16:25 - 2018-02-06 16:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 11:10 - 2018-03-23 11:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-06-07 19:12 - 2021-06-07 19:12 - 000180224 _____ (Software Security System) [File not signed] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll
2021-02-17 03:19 - 2021-02-17 03:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 04:45 - 2021-12-17 04:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 07:55 - 2016-12-18 07:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
2022-10-31 16:02 - 2016-10-08 16:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-100669309-4210918950-839817777-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-100669309-4210918950-839817777-1001 -> DefaultScope {02D0CA29-56ED-4380-858F-B255DE8C74A4} URL =
SearchScopes: HKU\S-1-5-21-100669309-4210918950-839817777-1001 -> {02D0CA29-56ED-4380-858F-B255DE8C74A4} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - No File
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://vpn.ocgov.com/dana-cached/sc/PulseSetupClient.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\sharepoint.com -> hxxps://ocgov-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-09-18 18:46 - 2022-09-18 18:46 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-11-01 11:56 - 2021-11-01 12:02 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-100669309-4210918950-839817777-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cklen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-100669309-4210918950-839817777-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run32: => "Virtual Account Numbers"
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Officejet 6500 E710a-f.lnk"
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-100669309-4210918950-839817777-1001\...\StartupApproved\Run: => "CyberGhost"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{46182530-358A-4518-A2D3-4C0E71557405}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66BAEA1A-D8DD-4B38-9398-CAC7F4E887A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2988C7F-5537-4829-B7AF-C36893239AC7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D71757F5-BD5E-4951-9BA3-FE2AB24A3A7D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C21D12EB-A12C-4F6E-92C0-48195954BC1C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AFCBFB8-08A3-474A-94D0-D09A7CA13661}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0896B96A-40FD-4C34-86E8-2416AA999BCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C8CF55DB-955A-4041-95BA-845FD350E9E7}C:\users\cklen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cklen\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{34B2B5E0-A29C-43EE-A1C0-96F67F67669C}C:\users\cklen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cklen\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{BB2AB78C-A631-4C5E-B069-E6ECF39E9B18}C:\users\cklen\appdata\roaming\utorrent\updates\3.5.5_46348.exe] => (Block) C:\users\cklen\appdata\roaming\utorrent\updates\3.5.5_46348.exe => No File
FirewallRules: [UDP Query User{449EBBBC-EDC8-41C5-BF04-1624D0D99EE6}C:\users\cklen\appdata\roaming\utorrent\updates\3.5.5_46348.exe] => (Block) C:\users\cklen\appdata\roaming\utorrent\updates\3.5.5_46348.exe => No File
FirewallRules: [{913B53A9-1571-4A8D-8A98-C0018D450595}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{14BD8B47-447E-4F1F-8413-EC55AF48C2C1}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{7A2BDD4A-1EE5-479E-B3EA-4DA78B420641}] => (Allow) C:\Users\cklen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D4C41EB7-6D9D-4D49-8944-9B7F15B34959}] => (Allow) C:\Users\cklen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{A8226CC3-F6E8-4619-8813-CE9DFC284609}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Allow) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [UDP Query User{B6DE9948-9C72-4A5B-9F80-33A17427FFC9}C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe] => (Allow) C:\program files (x86)\apowersoft\video download capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{462775A4-6608-4383-86DC-CD3709372026}C:\users\cklen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\cklen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{62DF8418-6FF7-4D0E-B2CC-5E4F3BF75A87}C:\users\cklen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\cklen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{888F8294-8A46-4118-8588-C3B334902BA7}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{DDB9A7EB-55C2-4052-A471-46F732304763}C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe] => (Allow) C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe (Open Source Developer, Peter Šurda -> )
FirewallRules: [UDP Query User{365CF5B3-5849-4E69-AAAC-54DBFAF54D74}C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe] => (Allow) C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe (Open Source Developer, Peter Šurda -> )
FirewallRules: [{5294C116-3E77-40C0-9CEA-89FA40320300}] => (Block) C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe (Open Source Developer, Peter Šurda -> )
FirewallRules: [{B672F665-2380-4E35-8C72-F0043F04A775}] => (Block) C:\users\cklen\downloads\bitmessage_x86_0.6.3.2.exe (Open Source Developer, Peter Šurda -> )
FirewallRules: [{D19AB24A-200E-4F78-ACFA-FF47A469F9D4}] => (Allow) C:\Users\cklen\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{FF53E23D-6FEB-46BD-BF44-C3782ECBF37F}] => (Allow) C:\Users\cklen\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{2BB20A97-72E6-47E1-AD91-505E9806C0B7}] => (Allow) C:\Users\cklen\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7CEF249E-FC62-42A8-A6F5-09C6E9E73493}] => (Allow) C:\Users\cklen\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FB985011-6753-452A-84EA-11F500C5E331}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{581A71D7-5721-4563-A48D-104EAA4C24C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFA940DC-A721-47DB-9825-865C07FF31B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32E33388-DFF3-44DC-BA35-3E1FB23020C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BB64171-0AAF-4C57-8CFA-C044BB532B07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6D15B8E-C0E1-40DC-BBC6-59C7C5701DD7}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{1FEB1AD6-E331-43AF-866D-0CDD27D5E10A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{A962D572-690E-4BE0-8FD0-69ACCBB8DBB6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C9E38305-649E-46EC-A41D-41070B2EFB47}C:\users\cklen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cklen\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C98198E4-B0EB-4F7D-886C-434B2FFDAA0B}C:\users\cklen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cklen\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D4A1E69-0784-467D-BC0B-74C75A32AAAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16026.20146.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
31-01-2023 22:57:31 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/05/2023 08:09:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.2193 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 61ec
Start Time: 01d939c02aff83d4
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Report Id: 82a2d11a-e799-4a79-b008-b7024e3e1d29
Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy
Faulting package-relative application ID: WindowsDefaultLockScreen
Hang type: Cross-process
Error: (02/05/2023 06:32:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FirmwareTPM.exe, version: 1.1.1.1, time stamp: 0x63bbb77c
Faulting module name: VCRUNTIME140.dll, version: 14.32.31332.0, time stamp: 0x4fbfc837
Exception code: 0xc0000005
Fault offset: 0x0000341e
Faulting process id: 0x615c
Faulting application start time: 0x01d939d33ec6033f
Faulting application path: C:\WINDOWS\TEMP\invE97_tmp\FirmwareTPM\FirmwareTPM.exe
Faulting module path: C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll
Report Id: 04bcdc06-63b6-418d-8e7e-84b85c8851e0
Faulting package full name:
Faulting package-relative application ID:
Error: (02/05/2023 03:53:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.2486 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2334
Start Time: 01d939a92f425bea
Termination Time: 16724
Application Path: C:\Windows\explorer.exe
Report Id: bbac1da0-c1b7-4d18-8f7d-4b7c543b57fe
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (02/05/2023 02:40:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {74f36f1e-ba39-4cb2-aed2-d2d6f3b0d553}
Error: (02/05/2023 02:38:00 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {74f36f1e-ba39-4cb2-aed2-d2d6f3b0d553}
Error: (02/05/2023 02:32:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on HD1d-.3 (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (02/05/2023 02:14:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on HD1d-.3 (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/31/2023 11:00:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (02/05/2023 08:04:00 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.
Error: (02/05/2023 08:04:00 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
Error: (02/05/2023 08:04:00 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.
Error: (02/05/2023 07:55:29 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (02/05/2023 07:55:29 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
Error: (02/05/2023 07:55:29 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
Error: (02/05/2023 07:55:29 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (02/05/2023 07:55:29 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
Windows Defender:
================
Date: 2023-01-03 21:00:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-01-02 14:05:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-01-01 14:05:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-12-26 23:21:07
Description:
Controlled Folder Access blocked C:\Program Files\CCleaner\CCleanerBugReport.exe from making changes to memory.
Detection time: 2022-12-27T07:21:07.490Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\CCleaner\CCleanerBugReport.exe
Security intelligence Version: 1.381.1145.0
Engine Version: 1.1.19900.2
Product Version: 4.18.2211.5
Date: 2022-12-20 23:21:07
Description:
Controlled Folder Access blocked C:\Program Files\CCleaner\CCleanerBugReport.exe from making changes to memory.
Detection time: 2022-12-21T07:21:07.300Z
Path: \Device\Harddisk0\DR0
Process Name: C:\Program Files\CCleaner\CCleanerBugReport.exe
Security intelligence Version: 1.381.801.0
Engine Version: 1.1.19900.2
Product Version: 4.18.2211.5
Event[0]:
Date: 2023-01-31 22:58:45
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2404.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x8007045b
Error description: A system shutdown is in progress.
Date: 2023-01-17 23:54:02
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2018.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x8007045b
Error description: A system shutdown is in progress.
Date: 2023-01-14 12:02:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2018.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2023-01-14 12:02:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2018.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2023-01-14 12:02:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2018.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out
CodeIntegrity:
===============
Date: 2023-02-05 14:43:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-02-05 14:43:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-01-30 22:51:35
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume23\Windows\winsxs\x86_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7600.16385_none_c06f896894749e3f\RpcRtRemote.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. 1.12.0 11/15/2022
Motherboard: Dell Inc. 09YTN7
Processor: Intel® Core i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 83%
Total physical RAM: 8089.29 MB
Available physical RAM: 1322.18 MB
Total Virtual: 29593.29 MB
Available Virtual: 14854.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:224.53 GB) (Free:60.41 GB) (Model: Micron 1100 SATA 256GB) (Protected) NTFS
Drive e: () (Fixed) (Total: ? GB) (Free: ? GB) (Model: WD My Passport 259D USB Device) (Protected) (Locked)
Drive f: (HD1d-.3) (Fixed) (Total:0.29 GB) (Free:0.12 GB) (Model: JMicron Generic DISK00 USB Device) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:28.28 GB) (Model: Micron 1100 SATA 256GB) FAT32
Drive h: () (Fixed) (Total: ? GB) (Free: ? GB) (Model: JMicron Generic DISK00 USB Device) (Protected) (Locked)
Drive i: (HD1b-20) (Fixed) (Total:20.4 GB) (Free:20.35 GB) (Model: JMicron Generic DISK00 USB Device) NTFS
Drive j: (HD1C-2) (Fixed) (Total:1.99 GB) (Free:1.99 GB) (Model: JMicron Generic DISK00 USB Device) FAT32
Drive k: (HD2-237) (Fixed) (Total:237.08 GB) (Free:167.12 GB) (Model: JMicron Generic DISK01 USB Device) NTFS
Drive l: (HD3-918) (Fixed) (Total:918.31 GB) (Free:760.79 GB) (Model: JMicron Generic DISK02 USB Device) NTFS
Drive m: (HD4a-10) (Fixed) (Total:9.77 GB) (Free:9.73 GB) (Model: JMicron Generic DISK03 USB Device) NTFS
Drive n: (HD4b-136) (Fixed) (Total:136.74 GB) (Free:66.3 GB) (Model: JMicron Generic DISK03 USB Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{8245d518-dd79-4323-8bc4-4da24f2937b1}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.46 GB) NTFS
\\?\Volume{c09c5f84-a3e1-44a0-815c-3d12b5c8c5fb}\ (Image) (Fixed) (Total:11.12 GB) (Free:0.2 GB) NTFS
\\?\Volume{d90d869e-66a2-4c44-8fac-214a04f25ef1}\ (DELLSUPPORT) (Fixed) (Total:1.09 GB) (Free:0.26 GB) NTFS
\\?\Volume{48db92b1-edf1-4f12-8c37-9a23534d92dc}\ () (Fixed) (Total:0.78 GB) (Free:0.31 GB) NTFS
\\?\Volume{35da74a0-0296-4270-9f20-f671a366f31b}\ (WINRETOOLS) (Fixed) (Total:0.83 GB) (Free:0.43 GB) NTFS
\\?\Volume{ef689c34-0c62-49a0-8095-1be89bf61a82}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.42 GB) NTFS
\\?\Volume{1b426d8c-f559-41e0-812e-83f567796c35}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32
\\?\Volume{350ef420-dbc2-4174-a1b9-7b87bcc204ca}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
\\?\Volume{eed5ed01-ffe7-4c66-9155-aa6a18e1e63f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 45D8E1E9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 121059127.2 GB) (Disk ID: E201C75A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=675.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=FAT32)
==========================================================
Disk: 3 (Size: 121059127.2 GB) (Disk ID: B46209B4)
Partition: GPT.
==========================================================
Disk: 4 (Size: 121059127.2 GB) (Disk ID: 658A1F1F)
Partition: GPT.
==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 121059127.2 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=0F Extended)
==================== End of Addition.txt =======================
Edited by cklenertz, 15 February 2023 - 10:48 PM.