Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
Need help removing an annoying pop up that appeared last saturday. It is CONSTANTLY popping up. Here is my FRST.txt file contents:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.03.2024
Ran by sarab (administrator) on DESKTOP-QHBL498 (Dell Inc. XPS 13 9310) (18-03-2024 18:16:27)
Running from C:\Users\sarab\Downloads\FRST64.exe
Loaded Profiles: sarab
Platform: Microsoft Windows 11 Home Version 22H2 22621.3296 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksdeui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Microsoft OneDrive\OneDrive.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.040.0225.0003\Microsoft.SharePoint.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_15c9ea6001a5206d\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_972605d1f505d0d6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_90ff6c7fe29f9dcf\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6fc3ec898a809be1\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (Texas Instruments Inc. -> Texas Instuments) C:\Windows\System32\TISmartAmpService.exe <2>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSysSvc64.exe
(svchost.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 24.0\kpm_tray.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3505456 2022-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe [4175056 2021-06-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [423320 2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3124464183-4127185697-753744446-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306416 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3124464183-4127185697-753744446-1001\...\Run: [MicrosoftEdgeAutoLaunch_B4A44FBA4A2C2CB466657739C227ED82] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3124464183-4127185697-753744446-1001\...\Run: [AvastBrowserAutoLaunch_359F03C99232A120F4CB8799328501D5] => C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe [3117856 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\121.0.23992.186\Installer\chrmstp.exe [2024-03-16] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\sarab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-04-03]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {719A65AB-929D-495F-9EF2-38DF2072E66B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5167512 2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {ECA194D3-8BDB-46BA-90A9-94D16BE2A6ED} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3117856 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {A3701A10-B8C1-4948-81AE-6C6EB4987663} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3117856 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {9AA2DC96-DDA7-4DB7-981D-CBF3DBFC02A4} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1425816 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E425948D-2EBB-4E8C-B45E-BA7DB4358A7E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4845464 2024-03-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {99BD7E5D-9038-4F2D-9F4C-07DB19E40CA3} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7319448 2023-11-20] (Avast Software s.r.o. -> Avast Software)
Task: {F0DE6702-DE19-42A5-8176-60E742A0333A} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4845464 2024-03-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {1F11FDF1-5B7D-449A-9CF0-05972A1182C0} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7319448 2023-11-20] (Avast Software s.r.o. -> Avast Software)
Task: {0751BAFA-13A3-465F-AF5F-C2712734CC59} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4920728 2024-03-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {3D8BF228-1FDD-4955-8F1A-FE5FEEE5D60B} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7498648 2024-01-23] (Avast Software s.r.o. -> Avast Software)
Task: {30D63429-74F0-4CF6-988A-8386547195C9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-03-16] (Avast Software s.r.o. -> Avast Software)
Task: {44B0876A-C7A5-497F-87A5-FD3F4B7D1197} - System32\Tasks\AvastBrowserProtectS-1-5-21-3124464183-4127185697-753744446-1001 => C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1682328 2024-02-15] (Avast Software s.r.o. -> Avast Software)
Task: {C70BA570-38E7-4EE3-BAA5-1C6757A73523} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E4B0B281-70E6-471D-920F-EF746FD9CC00} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
Task: {58EEF2D7-546E-48AB-8EE9-888C21F5DECE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [964448 2024-01-17] (Dell Inc -> Dell Inc.)
Task: {CD7DB956-385C-4F30-888C-E8AB95E8359E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-06] (Google LLC -> Google LLC)
Task: {B42099F9-2C1A-40C4-B7A4-E036AB6AEBFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-06] (Google LLC -> Google LLC)
Task: {17C7EFF3-A91D-4F37-B652-2C0DE7BC5D68} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe [726952 2024-03-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
Task: {5F5FD075-583F-476F-B117-E4E16301006F} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 24.0\kpm_tray.exe [525224 2024-01-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
Task: {855EF719-2D01-4F10-8E53-CBB43C5DCE8B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {324401F5-0672-4601-A15F-6102576D1DC9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0D8BB31-5D92-4416-AB33-3263D5DE1870} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {03A55D54-81C4-4610-B94E-76A195B47980} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3868B09-371F-4604-A4A0-0E3B1AFAC165} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {EBAB1B77-DC08-41FE-914E-D3D27F14EF35} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {57DA7273-FCA0-4308-A628-CDBEF09E9607} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3124464183-4127185697-753744446-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\144545437323: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\144545437323: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\1484357457563747: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\1484357457563747: [DhcpDomain] ahss.guest
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\24F62602A456666656273702960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\3485E4B40303939363931464: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\3485E4B40303939363931464: [DhcpDomain] Home
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\449393D27455543545: [DhcpNameServer] 18.206.0.166 3.226.219.211
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\449393D27455543545: [DhcpDomain] guest.csd99.org
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\960586F6E65602824392: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\960586F6E65602825392: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{49c28466-6cdb-4ef4-a17e-eb46cda3f576}\B4F4143416D607562737: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-18]
Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://secuweb.co.in; hxxps://www.cbssports.com; hxxps://www.instagram.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=DCTE
Edge Session Restore: Default -> is enabled.
Edge Extension: (McAfee® WebAdvisor) - C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2024-03-16]
Edge Extension: (Google Docs Offline) - C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-04]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-03-06]
Edge Extension: (Edge relevant text changes) - C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]
Edge Extension: (Capital One Shopping: Save Now) - C:\Users\sarab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2024-02-23]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1653.5\npAvastBrowserUpdate3.dll [2024-03-16] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1653.5\npAvastBrowserUpdate3.dll [2024-03-16] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR Profile: C:\Users\sarab\AppData\Local\Google\Chrome\User Data\Default [2024-03-18]
CHR Notifications: Default -> hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.instantcheckmate.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US662G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\sarab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-13]
CHR Extension: (Google Docs Offline) - C:\Users\sarab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sarab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor9.0; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9138072 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [765848 2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2243480 2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1180568 2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\121.0.23992.186\elevation_service.exe [1832224 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 AVP21.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe [32008 2024-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18267032 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57760 2023-12-20] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-12-13] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [50392 2024-01-27] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [10210712 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncHelper.exe [3516832 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [19096 2021-10-13] (Dell Inc -> Dell Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_6fc3ec898a809be1\AS\IAS\IntelAudioService.exe [539816 2021-07-09] (Intel Corporation -> Intel)
R2 IntuitUpdateServiceV4; C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [19840 2022-08-24] (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-07-13] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-07-13] (Intel Corporation -> Intel)
S3 klvssbridge64_21.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\vssbridge64.exe [551848 2024-01-12] (AO Kaspersky Lab -> AO Kaspersky Lab)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-07-13] (Intel Corporation -> Intel® Corporation)
S3 kpm_service_24.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 24.0\kpm_service.exe [525224 2024-01-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe [32008 2024-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9423680 2024-03-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-16] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-03-14] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.040.0225.0003\OneDriveUpdaterService.exe [3856400 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11913112 2024-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159072 2024-01-17] (Dell Inc -> Dell Inc.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation)
R2 TISmartAmpService; C:\WINDOWS\System32\TISmartAmpService.exe [536320 2021-06-28] (Texas Instruments Inc. -> Texas Instuments)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20424 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230968 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
S3 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [264760 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548920 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935480 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [694728 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201680 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306120 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [78632 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-03-31] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [245200 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [128664 2021-01-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [201376 2021-01-27] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1548488 2022-10-27] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_f26fd66fe78eae9f\IntcUSB.sys [1672272 2021-07-09] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-07-13] (Intel Corporation -> Rivet Networks, LLC.)
R1 klbackupdisk.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klbackupdisk.sys [90544 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klbackupflt.sys [235456 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\kldisk.sys [108576 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2024-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klflt.sys [646688 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klgse.sys [824528 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klhk.sys [1999568 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.K4W-21-16; C:\ProgramData\Kaspersky Lab\AVP21.16\Bases\klids.sys [235704 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klif.sys [1365024 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [88096 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klkbdflt.sys [96280 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klmouflt.sys [91168 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klpd.sys [58400 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klpnpflt.sys [84400 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [90032 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-16_arkmon; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_arkmon.sys [384656 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-16_klark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_klark.sys [354640 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-16_klbg; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_klbg.sys [183120 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-16_mark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_mark.sys [262712 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klwtp.sys [515096 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\kneps.sys [337840 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-03-18] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2024-01-15] (OpenVPN Inc. -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [81920 2023-03-31] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-19] (Microsoft Windows -> Microsoft Corporation)
R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_fd307d9242e9056e\WiManH\WiManH.sys [182864 2023-11-09] (Intel Corporation -> Intel Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2024-03-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswbdisk; no ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-18 18:16 - 2024-03-18 18:16 - 000043591 _____ C:\Users\sarab\Downloads\FRST.txt
2024-03-18 18:12 - 2024-03-18 18:12 - 000000000 ___HD C:\OneDriveTemp
2024-03-18 18:11 - 2024-03-18 18:11 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-03-18 18:11 - 2024-03-18 18:11 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-18 18:11 - 2024-03-18 18:11 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2024-03-18 18:11 - 2024-03-18 18:11 - 000000000 ____D C:\Users\sarab\AppData\LocalLow\IGDump
2024-03-18 18:04 - 2024-03-18 18:16 - 000000000 ____D C:\FRST
2024-03-18 18:02 - 2024-03-18 18:02 - 002390528 _____ (Farbar) C:\Users\sarab\Downloads\Unconfirmed 942466.crdownload
2024-03-18 18:01 - 2024-03-18 18:03 - 002390528 _____ (Farbar) C:\Users\sarab\Downloads\FRST64.exe
2024-03-17 15:29 - 2024-03-18 18:13 - 001153632 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-wal
2024-03-17 15:29 - 2024-03-18 18:11 - 000032768 _____ C:\WINDOWS\SysWOW64\DnsStorage-shm
2024-03-17 15:29 - 2024-03-18 18:11 - 000032768 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-shm
2024-03-17 15:29 - 2024-03-17 15:29 - 000000000 _____ C:\WINDOWS\SysWOW64\DnsStorage-wal
2024-03-16 21:43 - 2024-03-16 21:43 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-03-16 21:38 - 2024-03-17 15:29 - 000002548 _____ C:\Users\sarab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-03-16 21:38 - 2024-03-17 15:29 - 000002501 _____ C:\Users\sarab\OneDrive\Desktop\Avast Secure Browser.lnk
2024-03-16 21:38 - 2024-03-16 21:38 - 000003844 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2024-03-16 21:38 - 2024-03-16 21:38 - 000003810 _____ C:\WINDOWS\system32\Tasks\AvastBrowserProtectS-1-5-21-3124464183-4127185697-753744446-1001
2024-03-16 21:38 - 2024-03-16 21:38 - 000003260 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2024-03-16 21:37 - 2024-03-16 21:38 - 000000000 ____D C:\Users\sarab\AppData\Local\Avast Software
2024-03-16 21:37 - 2024-03-16 21:37 - 000003456 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2024-03-16 21:37 - 2024-03-16 21:37 - 000003332 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2024-03-16 21:37 - 2024-03-16 21:37 - 000002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2024-03-16 21:37 - 2024-03-16 21:37 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Avast Software
2024-03-16 21:37 - 2024-03-16 21:37 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2024-03-16 21:36 - 2024-03-18 14:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2024-03-16 21:36 - 2024-03-16 21:36 - 000050048 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2024-03-16 21:36 - 2024-03-16 21:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-03-16 21:35 - 2024-03-16 21:36 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-03-16 21:35 - 2024-03-16 21:35 - 000314264 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-03-16 21:34 - 2024-03-16 21:38 - 000000000 ____D C:\Program Files\Avast Software
2024-03-16 21:29 - 2024-03-16 21:29 - 000272280 _____ (AVAST Software) C:\Users\sarab\Downloads\avast_one_free_antivirus.exe
2024-03-16 21:02 - 2024-03-18 18:17 - 000000000 ____D C:\Users\sarab\AppData\Local\Malwarebytes
2024-03-16 21:02 - 2024-03-16 21:02 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-16 21:02 - 2024-03-16 21:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-16 21:02 - 2024-03-16 21:02 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-16 21:01 - 2024-03-16 21:01 - 002585496 _____ (Malwarebytes) C:\Users\sarab\Downloads\MBSetup.exe
2024-03-16 20:03 - 2024-03-17 15:29 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2024-03-16 20:03 - 2024-03-16 20:03 - 000012288 _____ C:\WINDOWS\SysWOW64\DnsStorage
2024-03-16 20:03 - 2024-03-16 20:03 - 000003190 _____ C:\WINDOWS\system32\Tasks\kpm_tray.exe
2024-03-16 20:03 - 2024-03-16 20:03 - 000001400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
2024-03-16 20:03 - 2024-03-16 20:03 - 000000000 ____D C:\Users\sarab\AppData\Local\Kaspersky Lab
2024-03-16 20:03 - 2024-03-16 20:03 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2024-03-16 20:03 - 2024-03-16 20:03 - 000000000 ____D C:\Program Files (x86)\dotnet
2024-03-16 20:02 - 2024-03-16 20:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2024-03-16 20:02 - 2024-03-16 20:03 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2024-03-16 20:02 - 2024-03-16 20:02 - 000003384 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2024-03-16 20:02 - 2024-03-16 20:02 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk
2024-03-16 20:02 - 2024-03-16 20:02 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2024-03-16 20:02 - 2024-03-16 20:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\K4W-21-16
2024-03-16 20:02 - 2024-03-16 20:02 - 000000000 ____D C:\Program Files\Common Files\AV
2024-03-16 19:43 - 2024-03-16 19:43 - 004535160 _____ (Kaspersky) C:\Users\sarab\Downloads\startup (1).exe
2024-03-16 18:35 - 2024-03-16 19:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2024-03-16 18:35 - 2024-03-16 18:35 - 004535160 _____ (Kaspersky) C:\Users\sarab\Downloads\startup.exe
2024-03-16 16:52 - 2024-03-16 16:52 - 004529000 _____ (McAfee, LLC) C:\Users\sarab\Downloads\McAfee_Installer_serial_frO8l1B2dkmok8P_TvIUCg2_key_affid_662_akey.exe
2024-03-12 14:16 - 2024-03-12 14:16 - 000020023 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-12 14:16 - 2024-03-12 14:16 - 000020023 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-12 14:10 - 2024-03-12 14:14 - 000000000 ___HD C:\$WinREAgent
2024-03-12 01:23 - 2024-03-12 01:23 - 000000000 ____D C:\Program Files (x86)\DummyDir
2024-03-11 21:52 - 2024-03-11 21:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-11 21:52 - 2024-03-11 21:52 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-07 23:35 - 2024-03-07 23:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-04 18:38 - 2024-03-04 18:38 - 000380231 _____ C:\Users\sarab\Downloads\Board Summary Chapter Annual Checkup 2023 (1).pdf
2024-03-04 18:33 - 2024-03-04 18:33 - 000052748 _____ C:\Users\sarab\Downloads\Treasurer's Report 4 March 2024.pdf
2024-03-04 01:45 - 2024-03-04 01:45 - 000380231 _____ C:\Users\sarab\Downloads\Chapter Annual Checkup 2023 (1).pdf
2024-03-02 00:16 - 2024-03-02 00:16 - 004880779 _____ C:\Users\sarab\Downloads\aurora_cabin_shawl.pdf
2024-03-01 22:53 - 2024-03-01 22:53 - 000243014 _____ C:\Users\sarab\Downloads\Pickup Judge Information.pdf
2024-03-01 22:52 - 2024-03-01 22:52 - 000050600 _____ C:\Users\sarab\Downloads\Avenue Christian Church.pdf
2024-03-01 00:35 - 2024-03-01 00:35 - 000388360 _____ C:\Users\sarab\Downloads\2023-11-03 District IV Minutes for Distribution.pdf
2024-02-27 01:08 - 2024-02-27 01:08 - 004555342 _____ C:\Users\sarab\Downloads\American Heritage power point National.pptx
2024-02-26 20:47 - 2024-02-26 20:47 - 000084600 _____ C:\Users\sarab\Downloads\2024-03-21-Chicago Colony New England Women Meeting.pdf
2024-02-26 20:40 - 2024-02-26 20:40 - 006009900 _____ C:\Users\sarab\Downloads\2024 03 March (2).pdf
2024-02-26 03:55 - 2024-02-26 03:55 - 000000000 ____D C:\WINDOWS\{AA32861C-2C06-4CAE-BD98-45566E2627EC}
2024-02-21 22:49 - 2024-02-21 22:49 - 000274625 _____ C:\Users\sarab\Downloads\American Heritage 2024-25 Theme.pdf
2024-02-21 21:39 - 2024-02-21 21:39 - 000237391 _____ C:\Users\sarab\Downloads\ANOVA_Seamed_Version (2).pdf
2024-02-17 00:17 - 2024-02-17 00:17 - 000118617 _____ C:\Users\sarab\Downloads\Conservation Notes Feb3.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-18 18:16 - 2023-03-31 01:28 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-18 18:16 - 2022-05-07 00:22 - 000000000 ____D C:\WINDOWS\INF
2024-03-18 18:16 - 2021-10-02 19:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-03-18 18:13 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-18 18:13 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-18 18:13 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-18 18:13 - 2021-12-06 16:41 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-18 18:12 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-18 18:12 - 2021-12-02 18:41 - 000000000 ___RD C:\Users\sarab\OneDrive
2024-03-18 18:11 - 2023-03-31 01:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-18 18:11 - 2022-11-22 23:18 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-18 18:11 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-03-18 18:11 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-18 18:11 - 2022-03-30 14:26 - 000000000 ____D C:\ProgramData\Avast Software
2024-03-18 18:11 - 2021-12-02 18:39 - 000000000 __SHD C:\Users\sarab\IntelGraphicsProfiles
2024-03-18 18:11 - 2021-10-02 19:18 - 000000000 ____D C:\ProgramData\Goodix
2024-03-18 18:11 - 2021-10-02 19:18 - 000000000 ____D C:\Intel
2024-03-18 18:06 - 2023-03-31 01:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-18 18:06 - 2022-05-07 00:17 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-03-18 14:51 - 2021-12-02 18:39 - 000000000 ____D C:\Users\sarab\AppData\Local\D3DSCache
2024-03-16 21:46 - 2022-04-17 14:33 - 000000000 ____D C:\Users\sarab\AppData\Local\CrashDumps
2024-03-16 21:35 - 2022-05-07 00:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-16 20:03 - 2021-10-02 19:30 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-16 20:02 - 2022-05-07 00:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-03-16 20:02 - 2021-12-02 18:39 - 000000000 ____D C:\Users\sarab\AppData\Local\Packages
2024-03-16 20:02 - 2021-10-02 16:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-16 19:54 - 2023-01-02 02:24 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-03-16 18:45 - 2021-10-02 19:21 - 000000000 ____D C:\ProgramData\McAfee
2024-03-16 18:45 - 2021-10-02 19:21 - 000000000 ____D C:\Program Files\McAfee
2024-03-16 15:50 - 2021-10-02 16:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 14:16 - 2022-02-01 01:21 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Microsoft\PowerPoint
2024-03-15 13:59 - 2021-12-06 15:36 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Microsoft\Word
2024-03-15 13:59 - 2021-12-06 15:36 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Microsoft\Office
2024-03-15 03:22 - 2021-12-06 16:25 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Microsoft\UProof
2024-03-15 00:21 - 2022-01-08 01:40 - 000000000 ____D C:\Users\sarab\AppData\Roaming\Microsoft\Excel
2024-03-14 16:39 - 2021-12-06 16:46 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 09:31 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 08:43 - 2023-03-31 01:23 - 000483368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 08:42 - 2023-10-10 22:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-13 08:42 - 2022-05-07 00:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 08:42 - 2022-05-07 00:17 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 08:42 - 2021-12-10 12:53 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-12 14:18 - 2022-05-07 00:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-12 14:16 - 2023-03-31 01:23 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-12 14:10 - 2021-12-02 20:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-12 13:57 - 2021-12-02 20:58 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-11 21:52 - 2023-03-31 01:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3124464183-4127185697-753744446-1001
2024-03-08 16:00 - 2022-04-04 16:54 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-08 15:17 - 2023-03-31 01:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-07 23:33 - 2021-10-02 16:47 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-06 02:31 - 2023-03-31 01:30 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 02:31 - 2023-03-31 01:30 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-26 03:57 - 2021-10-02 19:20 - 000000000 ____D C:\Program Files (x86)\Dell
2024-02-26 03:56 - 2021-10-02 19:20 - 000000000 ____D C:\Program Files\Dell
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Here is my Adition.txt content:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.03.2024
Ran by sarab (18-03-2024 18:21:04)
Running from C:\Users\sarab\Downloads
Microsoft Windows 11 Home Version 22H2 22621.3296 (X64) (2023-04-01 04:08:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3124464183-4127185697-753744446-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3124464183-4127185697-753744446-503 - Limited - Disabled)
Guest (S-1-5-21-3124464183-4127185697-753744446-501 - Limited - Disabled)
sarab (S-1-5-21-3124464183-4127185697-753744446-1001 - Administrator - Enabled) => C:\Users\sarab
WDAGUtilityAccount (S-1-5-21-3124464183-4127185697-753744446-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Avast Antivirus (Disabled - Out of date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Avast One (HKLM\...\Avast Antivirus) (Version: 24.2.6105 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 121.0.23992.186 - AVAST Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Dell Digital Delivery Services (HKLM-x32\...\{16AE9E0C-0E0C-4AD6-82B4-D0F8AB94082F}) (Version: 5.0.86.0 - Dell Inc.)
Dell Mobile Connect Driver (HKLM\...\{EF42F5D9-A5B3-4255-916F-EA411B906750}) (Version: 4.0.6072 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{1E5C3247-B6FF-47F2-AEE9-A921B21E914F}) (Version: 4.0.0.51819 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{183DEF89-F000-4745-81FD-3B43101D5B9F}) (Version: 5.2.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{10BAD5DD-9DA8-4620-9146-334A071A2665}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Fusion Service (HKLM\...\{599709E7-DD10-4FF5-96D5-7C6F6B5F62C0}) (Version: 1.92.22.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{81ce0187-37c1-4c23-8387-44454e1796ad}) (Version: 1.92.22.0 - Dell.Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.129 - Google LLC)
Intel® LMS (HKLM\...\{51F1A74C-6447-4B19-BE55-90D80578C8F0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{09FBB991-5EBC-46E7-A83C-8EAE31E53A83}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2118.15.0.2277 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{47D128D9-994B-4427-AF01-176823EDE7CA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{3057FE70-17D5-4288-A926-35565A687CB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kaspersky (HKLM-x32\...\{3DE3615C-3799-3403-92E4-E0BE05A531B5}) (Version: 21.16.6.467 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{3DE3615C-3799-3403-92E4-E0BE05A531B5}) (Version: 21.16.6.467 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{5D66829D-D194-42F8-A27B-BB99BE9CD1F4}) (Version: 24.0.0.427 - Kaspersky) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{5D66829D-D194-42F8-A27B-BB99BE9CD1F4}) (Version: 24.0.0.427 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{69513344-0E15-3C30-9BDC-04C3706E6CE9}) (Version: 21.16.6.467 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{69513344-0E15-3C30-9BDC-04C3706E6CE9}) (Version: 21.16.6.467 - Kaspersky)
Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.26 (x86) (HKLM-x32\...\{C912D2DF-06E9-49D2-9CBB-96AB945AC2DC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x86) (HKLM-x32\...\{B69C5B6E-E6D4-4DF8-B71D-8BC56D025D9A}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x86) (HKLM-x32\...\{0E018729-7EC9-4539-BA27-7F010E3D4FDC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.040.0225.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.26 (x86) (HKLM-x32\...\{185963d2-4c1e-4ef1-a6a4-5219e12fb512}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.26 (x86) (HKLM-x32\...\{1F64DDDC-3D6E-40FC-A0B2-FC5FD649ACD9}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (HKLM-x32\...\{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (HKLM-x32\...\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Signal 5.34.0 (HKU\S-1-5-21-3124464183-4127185697-753744446-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.34.0 - Open Whisper Systems)
TurboTax 2021 (HKLM-x32\...\{19F2745D-A94D-40AB-A983-E9D0A57B1E50}) (Version: 021.000.0794 - Intuit Inc.)
TurboTax 2022 (HKLM-x32\...\{E02EC8E6-200F-4BF9-AF32-572FEA31F457}) (Version: 022.000.0599 - Intuit Inc.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.871 - McAfee, LLC)
wiliperStateIS (HKLM-x32\...\{B16FF7E6-621F-4E4D-8CE7-CCE834F599C8}) (Version: 022.000.0107 - Intuit Inc.) Hidden
wiliperStateIS (HKLM-x32\...\{DC69B8AD-131F-4EA8-8257-9A363AE22528}) (Version: 021.000.0113 - Intuit Inc.) Hidden
Windows Driver Package - Hewlett-Packard USB (09/08/2015 1.0.0.1) (HKLM\...\C9EDF507DA1B23454B1BF10495C79A1C34ADD79F) (Version: 09/08/2015 1.0.0.1 - Hewlett-Packard)
Zoom (HKU\S-1-5-21-3124464183-4127185697-753744446-1001\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.)
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5390.0_x64__8j3eq9eme6ctt [2024-03-13] (INTEL CORP) [Startup Task]
AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-15] (INTEL CORP)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-08-20] (Canon Inc.)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-16] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2024-03-13] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.86.0_x64__htrsf667h5kn2 [2024-03-13] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0 [2021-12-29] (Screenovate Technologies)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.9.0_x64__htrsf667h5kn2 [2024-03-16] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.2.64.0_x86__htrsf667h5kn2 [2024-02-26] (Dell Inc)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.11.13.0_neutral__6rarf9sa4v8jt [2024-03-16] (Disney)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-02-23] (Dolby Laboratories)
Dolby Vision Extensions -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionAccess_2.20301.388.0_x64__rz1tebttyb220 [2023-11-11] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-31] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-01-31] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-31] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-03-13] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag [2023-12-27] (INTEL CORP) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-28] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24012.117.0_x64__cw5n1h2txyewy [2024-03-14] (Microsoft Windows) [Startup Task]
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-03-13] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-30] (Microsoft Corporation)
ShellEx Package -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64 [2024-03-17] (ShellEx Package)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-13] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2024-03-13] (Waves Audio)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-20] (Microsoft Corp.)
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-08-14] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.70.1338.0_x64__8wekyb3d8bbwe [2024-03-13] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-20] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-07-20] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2024-01-15] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-03-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-03-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-03-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-16] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-03-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-16] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-01-10 21:13 - 2023-01-10 21:13 - 001635328 _____ () [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\e_sqlite3.DLL
2021-10-02 16:47 - 2021-10-02 16:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-10-02 16:47 - 2021-10-02 16:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2023-01-10 21:21 - 2023-01-10 21:21 - 000005120 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.batteries_v2.dll
2023-01-10 21:18 - 2023-01-10 21:18 - 000050688 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.core.dll
2023-01-10 21:18 - 2023-01-10 21:18 - 000035840 _____ (SourceGear) [File not signed] C:\Program Files\Dell\Plugins\Public Secure Storage\SQLitePCLRaw.provider.e_sqlite3.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\sarab\Downloads\avast_one_free_antivirus.exe:MBAM.Zone.Identifier [266]
AlternateDataStreams: C:\Users\sarab\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 07:08 - 2024-03-16 18:40 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3124464183-4127185697-753744446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sarab\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\16961110113903633054\133552757595932587.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7695E3CA-8C46-4CA0-9FDE-5B6B11C765A3}] => (Allow) C:\Program Files (x86)\TurboTax\Individual 2021\32bit\CefSharp.BrowserSubprocess.exe (INTUIT INC. -> The CefSharp Authors)
FirewallRules: [{E3ABFCB4-AD57-47CF-9F65-438C5EBD7F10}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{0547E7D7-8DF1-43E7-9203-0E2AF79AC163}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnectPlus_4.1.8330.0_x64__0vhbc3ng4wbp0\DellMobileConnect.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{C1315D0D-BAB7-482A-BFA2-A7CD9310C917}] => (Allow) C:\Users\sarab\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C2BB7AB1-5152-436A-A26B-2EB0EB7A4AE7}] => (Allow) C:\Users\sarab\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8C47731E-A767-4500-9F0E-4E26CB69B2E5}] => (Allow) C:\Users\sarab\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C4C0D488-DDBB-4C0A-98DE-5986C3B9F059}] => (Allow) C:\Program Files (x86)\TurboTax\Individual 2022\32bit\CefSharp.BrowserSubprocess.exe (INTUIT INC. -> The CefSharp Authors)
FirewallRules: [{CC82CA22-99E5-4C5D-A96A-2A26507E0FF9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{F20DB216-CEC5-4666-BD71-03B4DCFB31E2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{F4F60908-0071-44A5-AAEE-12334FDD1B26}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{BFEADCEB-B40E-44BC-B8CC-F7851943936F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{5C02DFA4-5A9F-4C79-8493-219EAF15863D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{E50CE525-FC6F-4C13-8382-0ED4003E43CE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{327AABC7-861A-4492-9439-7F2F1E59F1A7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5839B6DD-83B0-49D8-BC06-95A9CD48B239}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7916504D-2C1D-4238-9553-B95097220BD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EE0B46E-7FBC-4B24-BFBE-D2310C6025F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B74F49B4-F012-405C-B9D1-66FDC02AA1BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{341438EA-CE0A-43FD-A262-C98B2DA25F6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE661BFD-E5A5-4A32-8274-41A85CE9E2A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F8AF840-61D1-460C-A4A6-C1D00DAF5307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94371AE4-8A64-4CC1-9238-F36DB2201488}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{87FB03F7-4855-4133-8791-5215AE141159}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E8E3BC7D-EE1B-4DBE-AB57-BBAAAD519D3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FBB3A98D-C564-42D2-8304-A08182663F83}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D4AA74D1-736E-4667-A10D-F9CF3EAB94CA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{237A74C0-1BB8-46B0-8489-BAFCF303D9EC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55B8AA63-725B-49F8-A10C-BD906105FDB8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{564A92E1-5433-4729-B3A9-8E132D8FA8F4}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{E3FA5B6A-D680-43DA-A684-4C1B59A30661}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D49CA35-2A7C-490A-8F7D-62E91E61FB6F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-03-2024 19:48:36 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/18/2024 06:06:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (03/18/2024 06:06:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (03/18/2024 06:06:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (03/18/2024 05:53:59 PM) (Source: MsiInstaller) (EventID: 11406) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\AVAST Software\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (03/18/2024 02:48:35 PM) (Source: MsiInstaller) (EventID: 11406) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\AVAST Software\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (03/18/2024 01:42:50 AM) (Source: MsiInstaller) (EventID: 11406) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\AVAST Software\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (03/18/2024 12:42:50 AM) (Source: MsiInstaller) (EventID: 11406) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\AVAST Software\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (03/18/2024 12:02:21 AM) (Source: MsiInstaller) (EventID: 11406) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\AVAST Software\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.
System errors:
=============
Error: (03/18/2024 05:51:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QHBL498)
Description: The server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} did not register with DCOM within the required timeout.
Error: (03/18/2024 03:41:36 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (03/18/2024 03:13:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.
Error: (03/18/2024 03:11:36 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (03/18/2024 02:48:18 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {d4ebc38a-15d7-41c5-8e3a-b33a64a04269}, had event 74
Error: (03/18/2024 12:04:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QHBL498)
Description: The server {628ACE20-B77A-456F-A88D-547DB6CEEDD5} did not register with DCOM within the required timeout.
Error: (03/18/2024 12:04:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QHBL498)
Description: The server {A28430CA-1EBF-48DD-AA17-9221B6F86A6C} did not register with DCOM within the required timeout.
Error: (03/18/2024 12:04:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QHBL498)
Description: The server {08949FF9-54D2-47CB-9B3F-82E9ACC93DF1} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-03-16 19:57:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2024-03-18 18:18:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-03-18 18:18:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\com_antivirus.dll that did not meet the Windows signing level requirements.
Date: 2024-03-18 18:14:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-03-18 18:14:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\com_antivirus.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 3.20.0 12/19/2023
Motherboard: Dell Inc. 0TPHC1
Processor: 11th Gen Intel® Core™ i7-1195G7 @ 2.90GHz
Percentage of memory in use: 32%
Total physical RAM: 32474.79 MB
Available physical RAM: 21983.52 MB
Total Virtual: 37338.79 MB
Available Virtual: 26651.07 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:936.22 GB) (Free:819.05 GB) (Model: NVMe PM9A1 NVMe Samsung 1024GB) (Protected) NTFS
Drive d: (Seagate Basic) (Fixed) (Total:4657.4 GB) (Free:4271.75 GB) (Model: Seagate Basic SCSI Disk Device) NTFS
Drive e: (USB20FD) (Removable) (Total:3.77 GB) (Free:3.6 GB) FAT32
\\?\Volume{a89cd7c8-e94b-4afd-94de-2eacbc3a8962}\ () (Fixed) (Total:1.1 GB) (Free:0.1 GB) NTFS
\\?\Volume{7960f439-dafe-43fa-9118-b8ac2264245c}\ (Image) (Fixed) (Total:14.87 GB) (Free:0.15 GB) NTFS
\\?\Volume{1aed8fe9-80f6-44bc-b8d1-fdd9d1861824}\ (DELLSUPPORT) (Fixed) (Total:1.37 GB) (Free:0.34 GB) NTFS
\\?\Volume{d868e8a1-1815-4f5b-9a10-479de1ce8a57}\ (ESP) (Fixed) (Total:0.18 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 60DE8FB3)
Partition: GPT.
==========================================================
Disk: 1 (Size: 4657.5 GB) (Disk ID: 51D645AD)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=FAT32)
==================== End of Addition.txt =======================
Well, now that I'm at the bottom of this page, I see that maybe I was supposed to just attach the files. Y'all will be sure to tell me what I did wrong!
Thanks for any help you can give me, These popups are SO annoying!
Attached Files
-
Addition.txt 43.77KB
396 downloads
-
FRST.txt 56.36KB
370 downloads
