From my thread about Microsoft being locked up

**jxdama** · 09-28-2023, 11:43 PM

right now the frst thing is pinned to the taskbar right under wher this pc help forum is

**Malnutrition** · 09-28-2023, 11:44 PM

I am afraid that I can not be anymore clear with the instructions.

**jxdama** · 09-28-2023, 11:45 PM

im doing my best

**Malnutrition** · 09-28-2023, 11:45 PM

Take your time read everything I sent you.

**jxdama** · 09-28-2023, 11:46 PM

when i click wondows d the instructions pop up

**jxdama** · 09-28-2023, 11:47 PM

okay, apparently windows d just brings up the same page im already on. Now its bring up this page

**jxdama** · 09-28-2023, 11:49 PM

i think im getting it. IT WILL TAKE A FEW MINUTES. IM GOING TO HAVE TO WRITE DOWN ALL THE INSTRUCTIONS. sorry for the caps. im going too fast

**Malnutrition** · 09-28-2023, 11:49 PM

Download this folder open it and right click FRST run as admin then click the fix button.

**jxdama** · 09-28-2023, 11:51 PM

ok, it says new folder5 in a list but i dont see frst

**Malnutrition** · 09-28-2023, 11:52 PM

Well it is n there. I will sign off now.

**jxdama** · 09-29-2023, 12:06 AM

i think the fix worked but i dont see a log. what i was doing wrong was i was redoing the scan then trying to hit fix. when i hit run as admin and went right to fix it ran a green bar across then said fix completed and do a restart which i did

**Malnutrition** · 09-29-2023, 05:09 AM

OK, please re run FRST and post new logs.

**jxdama** · 09-29-2023, 07:57 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by john (administrator) on DESKTOP-THSFR3B (HP HP Desktop M01-F3xxx) (29-09-2023 03:55:24)
Running from C:\Users\john\Downloads\FRST64(2).exe
Loaded Profiles: john
Platform: Microsoft Windows 11 Home Version 22H2 22621.2283 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (EXPRSVPN LLC → ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE → Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045 .43\msedgewebview2.exe <12>
(DriverStore\FileRepository\u0392596.inf_amd64_6b8 c540dc585ffa4\B392262\atiesrxx.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u03 92596.inf_amd64_6b8c540dc585ffa4\B392262\atieclxx. exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1. 3.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSys temEventUtilityHost.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\O menCommandCenterBackground.exe
(explorer.exe ->) (Microsoft Corporation → ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2307 .27.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <25>
(EXPRSVPN LLC → ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(HP Inc. → ) C:\Program Files\HP\Overlay\OMENOverlay.exe
(Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(SECOMN64.exe ->) (Sound Research Corporation → Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Advanced Micro Devices Inc. → AMD) C:\Windows\System32\DriverStore\FileRepository\u03 92596.inf_amd64_6b8c540dc585ffa4\B392262\atiesrxx. exe
(services.exe ->) (EXPRSVPN LLC → ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. → ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpa nalyticscomp.inf_amd64_43e3600968234e87\x64\Touchp ointAnalyticsClientService.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHel perCap.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsC ap.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\Networ kCap.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInf oCap.exe
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.) C:\Windows\RtkWiFiManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. → Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_0c755fff65745edd\RtkAudUServ ice64.exe <2>
(services.exe ->) (Sound Research Corporation → Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 → ) C:\Program Files\WindowsApps\AD2F1837.myHP_25.52334.606.0_x64 __v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.3.5.0_x64__ v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 → ) C:\Program Files\WindowsApps\AD2F1837.myHP_25.52334.606.0_x64 __v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. → HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. → HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.82 3.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.82 3.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows → ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExper ience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\W idgetService.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [380816 2022-08-04] (EXPRSVPN LLC → ExpressVPN)
HKU\S-1-5-21-1867205174-823180755-3576545642-1001...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [538160 2023-09-28] (HP Inc. → HP Inc.)
HKU\S-1-5-21-1867205174-823180755-3576545642-1001...\Run: [MicrosoftEdgeAutoLaunch_45D944CC36A69C479BF3C34860 4E81F2] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start /prefetch:5 [4210112 2023-09-25] (Microsoft Corporation → Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F4FA67D7-5D83-4AAB-B39E-A8BFB942847C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-09-15] (HP Inc. → HP Inc.)
Task: {2BCB33C1-8EAA-47CD-A25F-3B97694B9B47} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-09-15] (HP Inc. → HP Inc.)
Task: {E4433F47-91AB-4DFC-BEB8-9DADF24E5724} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [1161264 2023-09-15] (HP Inc. → HP Inc.)
Task: {3AC03B8B-FC7B-4B62-AEBD-470A57062CD1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [1161264 2023-09-15] (HP Inc. → HP Inc.)
Task: {14AC54B9-F75B-4EFD-AB67-10C84ED0DECF} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows → Microsoft Corporation) → start hptouchpointanalyticsservice
Task: {00D4FB00-9FD1-4675-947C-F263C6CDC349} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation → Microsoft Corporation)
Task: {069EA780-6129-41B5-B9AF-537B8A98090F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation → Microsoft Corporation)
Task: {5503D4E0-7C38-42F6-8BEE-BC0256BA22B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Task: {C0B5A6DB-2936-4BCE-BFD0-90269963DFAA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Task: {F66CE3EA-2BB8-44A5-B053-D170C4398BAA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-01] (Microsoft Corporation → Microsoft Corporation)
Task: {74D6A48C-DFF2-4331-B2BA-E3B048420FD3} - System32\Tasks\Microsoft\Windows\AppxDeploymentCli ent\UCPD velocity => C:\windows\system32\UCPDMgr.exe [58880 2023-09-12] (Microsoft Windows → Microsoft Corporation)
Task: {14C2CE4A-1092-4618-871C-289B29B806D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {CA3EBC08-3FC6-4CF0-BA75-731510213B14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {6B45F2EF-EA3E-488A-AFF2-98C6674D6601} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {E3063D3E-2308-4359-98BD-5862F4AFBB1A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {32FD51C1-47BB-4DE2-BCCD-F588395820CC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-09-28] (Mozilla Corporation → Mozilla Corporation) → --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump :5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundup date.moz_log --backgroundtask backgroundupdate
Task: {6863F2A9-37E1-45ED-A870-22B760EF45F5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-28] (Mozilla Corporation → Mozilla Foundation)
Task: {6DB039E5-946B-4545-9220-957115208A27} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [58352 2023-09-27] (HP Inc. → HP Inc.)
Task: {B1F212DB-ED62-49FB-AD31-C79F8698932D} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [60400 2023-09-27] (HP Inc. → HP Inc.)
Task: {2F7EBAED-882C-4AB8-B623-226B05736234} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_0c755fff65745edd\RtkAudUServ ice64.exe [1923384 2023-09-06] (Realtek Semiconductor Corp. → Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip..\Interfaces{fed75b1f-821c-4c33-a838-025763bcbc5d}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
[HEADING=1]Edge:[/HEADING]
Edge DefaultProfile: Default
Edge Profile: C:\Users\john\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-29]
Edge Notifications: Default → hxxps://pchelpforum.net; hxxps://politicalhotwire.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.youtube.com
Edge Session Restore: Default → is enabled.
Edge Extension: (Google Docs Offline) - C:\Users\john\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\john\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkg hcpiha [2023-09-14]
[HEADING=1]FireFox:[/HEADING]
FF DefaultProfile: ujse8sqr.default
FF ProfilePath: C:\Users\john\AppData\Roaming\Mozilla\Firefox\Prof iles\ujse8sqr.default [2023-09-28]
FF ProfilePath: C:\Users\john\AppData\Roaming\Mozilla\Firefox\Prof iles\6sjtp7l0.default-release [2023-09-29]
FF Notifications: Mozilla\Firefox\Profiles\6sjtp7l0.default-release → hxxps://www.instagram.com
FF Plugin: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation → Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation → Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [439696 2022-08-04] (EXPRSVPN LLC → ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [893984 2022-08-15] (HP Inc. → HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHel perCap.exe [888272 2023-08-29] (HP Inc. → HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsC ap.exe [886736 2023-08-29] (HP Inc. → HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\Networ kCap.exe [883152 2023-08-29] (HP Inc. → HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpc ustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInf oCap.exe [886840 2023-08-29] (HP Inc. → HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpa nalyticscomp.inf_amd64_43e3600968234e87\x64\Touchp ointAnalyticsClientService.exe [497744 2023-08-02] (HP Inc. → HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-28] (HON HAI PRECISION INDUSTRY CO.LTD. → )
R2 RtkWiFiManServ; C:\windows\RtkWiFiManServ.exe [821632 2023-06-27] (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher → Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher → Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\windows\System32\drivers\amdgpio3.sys [36928 2022-07-07] (ASMedia Technology Inc. → Advanced Micro Devices, Inc)
R3 amdwddmg; C:\windows\System32\DriverStore\FileRepository\u03 92596.inf_amd64_6b8c540dc585ffa4\B392262\amdkmdag. sys [100372792 2023-06-06] (Advanced Micro Devices Inc. → Advanced Micro Devices, Inc.)
R3 expressvpntun; C:\windows\System32\drivers\expressvpn-tun.sys [56536 2022-08-04] (Express VPN International Ltd. → ExpressVPN)
R0 fse; C:\windows\System32\drivers\fse.sys [218464 2023-05-05] (Microsoft Windows → Microsoft Corporation)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpc ustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcu stomcapdriver.sys [26648 2022-06-23] (HP Inc. → HP Inc.)
R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [52176 2023-08-15] (HP Inc. → Windows (R) Win 7 DDK provider)
S3 rtcx21; C:\windows\System32\DriverStore\FileRepository\rtc x21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows → Realtek)
S4 UCPD; C:\windows\System32\drivers\UCPD.sys [29184 2023-09-12] (Microsoft Windows → Microsoft Corporation)
S3 vmbusproxy; C:\windows\system32\drivers\vmbusproxy.sys [94208 2023-05-05] (Microsoft Windows → )
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows → Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows → Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows → Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-28 20:05 - 2023-09-28 20:05 - 000000000 ____D C:\ProgramData\Propagation
2023-09-28 20:05 - 2023-09-28 20:05 - 000000000 ____D C:\ProgramData\AMD
2023-09-28 20:02 - 2023-09-28 20:03 - 000310855 _____ C:\Users\john\Downloads\Fixlog.txt
2023-09-28 19:50 - 2023-09-28 19:50 - 001839652 _____ C:\Users\john\Downloads\New folder (5).zip
2023-09-28 10:01 - 2023-09-28 20:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-27 20:39 - 2023-09-27 20:39 - 002382848 _____ (Farbar) C:\Users\john\Downloads\FRST64(2).exe
2023-09-27 20:14 - 2023-09-27 20:14 - 000000000 ____D C:\AdwCleaner
2023-09-27 20:13 - 2023-09-27 20:13 - 008791352 _____ (Malwarebytes) C:\Users\john\Downloads\adwcleaner.exe
2023-09-27 14:26 - 2023-09-29 03:55 - 000019828 _____ C:\Users\john\Downloads\FRST.txt
2023-09-27 14:26 - 2023-09-28 19:52 - 000030462 _____ C:\Users\john\Downloads\Addition.txt
2023-09-27 14:25 - 2023-09-29 03:55 - 000000000 ____D C:\FRST
2023-09-27 12:35 - 2023-09-27 12:35 - 002382848 _____ (Farbar) C:\Users\john\Downloads\FRST64(1).exe
2023-09-27 12:32 - 2023-09-27 12:32 - 002382848 _____ (Farbar) C:\Users\john\Downloads\FRST64.exe
2023-09-26 15:36 - 2023-09-06 02:09 - 006527960 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2023-09-14 08:02 - 2023-09-28 15:43 - 000000000 ____D C:\Users\john\AppData\Local\OGH
2023-09-14 08:02 - 2023-09-27 20:26 - 000003766 _____ C:\windows\system32\Tasks\OmenInstallMonitor
2023-09-14 08:02 - 2023-09-27 20:26 - 000003706 _____ C:\windows\system32\Tasks\OmenOverlay
2023-09-12 17:07 - 2023-09-12 17:08 - 000000000 ___HD C:$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-29 03:40 - 2023-05-26 20:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-29 03:40 - 2023-05-25 07:01 - 000000000 ____D C:\Users\john\AppData\Local\D3DSCache
2023-09-29 03:39 - 2022-05-07 01:24 - 000000000 ____D C:\windows\AppReadiness
2023-09-29 03:38 - 2023-05-25 07:18 - 000000000 ____D C:\Users\john\AppData\Local\HP
2023-09-29 03:38 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-29 03:38 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-28 20:14 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SystemTemp
2023-09-28 20:11 - 2022-06-30 21:07 - 000855938 _____ C:\windows\system32\PerfStringBackup.INI
2023-09-28 20:11 - 2022-05-07 01:22 - 000000000 ____D C:\windows\INF
2023-09-28 20:10 - 2023-05-25 07:01 - 000000000 ____D C:\Users\john\AppData\Local\AMD
2023-09-28 20:04 - 2022-06-30 21:01 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-28 20:04 - 2022-06-30 21:01 - 000000006 ____H C:\windows\Tasks\SA.DAT
2023-09-28 20:03 - 2023-05-26 20:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-28 20:03 - 2023-05-05 07:38 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk
2023-09-28 20:03 - 2022-05-07 01:17 - 000524288 _____ C:\windows\system32\config\BBI
2023-09-28 19:30 - 2022-06-30 21:01 - 000000000 ____D C:\windows\system32\SleepStudy
2023-09-28 15:44 - 2023-05-26 20:19 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 20:26 - 2023-05-05 07:05 - 000000000 ____D C:\Program Files\HP
2023-09-27 10:41 - 2023-05-25 06:40 - 000000000 ____D C:\Users\john
2023-09-27 09:57 - 2023-05-05 07:34 - 000000000 ____D C:\Program Files\AMD
2023-09-27 09:57 - 2023-05-05 07:01 - 000001607 _____ C:\windows\system32\config\VSMIDK
2023-09-27 02:42 - 2022-06-30 21:01 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-27 02:42 - 2022-06-30 21:01 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-26 15:36 - 2023-05-05 07:33 - 000003366 _____ C:\windows\system32\Tasks\RtkAudUService64_BG
2023-09-26 03:35 - 2023-05-25 07:53 - 000003588 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1867205174-823180755-3576545642-1001
2023-09-26 03:35 - 2023-05-25 07:03 - 000003376 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1867205174-823180755-3576545642-1001
2023-09-26 03:35 - 2023-05-25 07:03 - 000002383 _____ C:\Users\john\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
2023-09-25 23:25 - 2023-05-25 06:40 - 000000000 ____D C:\Users\john\AppData\Local\Packages
2023-09-25 23:25 - 2022-06-30 21:02 - 000000000 ____D C:\ProgramData\Packages
2023-09-24 03:39 - 2023-05-25 07:18 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
2023-09-17 11:12 - 2023-05-05 07:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-16 03:22 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-16 03:06 - 2022-06-30 21:01 - 000504272 _____ C:\windows\system32\FNTCACHE.DAT
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\UUS
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SysWOW64\Dism
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\SystemResources
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\WinMetadata
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\oobe
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\Dism
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\system32\appraiser
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\ShellExperiences
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\ShellComponents
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\Provisioning
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\PolicyDefinitions
2023-09-16 03:06 - 2022-05-07 01:24 - 000000000 ____D C:\windows\bcastdvr
2023-09-12 17:21 - 2022-05-07 01:17 - 000000000 ____D C:\windows\CbsTemp
2023-09-12 17:11 - 2022-06-30 21:04 - 003210752 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2023-09-12 17:05 - 2023-05-25 03:59 - 000000000 ____D C:\windows\system32\MRT
2023-09-12 17:04 - 2023-05-25 03:59 - 177941912 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2023-08-31 09:37 - 2022-06-30 21:01 - 000000000 ____D C:\windows\system32\Drivers\wd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

**jxdama** · 09-29-2023, 07:58 AM

[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by john (29-09-2023 03:56:10)
Running from C:\Users\john\Downloads
Microsoft Windows 11 Home Version 22H2 22621.2283 (X64) (2023-05-25 08:57:38)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1867205174-823180755-3576545642-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1867205174-823180755-3576545642-503 - Limited - Disabled)
Guest (S-1-5-21-1867205174-823180755-3576545642-501 - Limited - Disabled)
john (S-1-5-21-1867205174-823180755-3576545642-1001 - Administrator - Enabled) => C:\Users\john
WDAGUtilityAccount (S-1-5-21-1867205174-823180755-3576545642-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Enabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ExpressVPN (HKLM-x32...{c921d3a3-4464-48b6-939a-c22ccb904f53}) (Version: 10.28.0.19 - ExpressVPN)
ExpressVPN (HKLM-x32...{E5B9C3E5-889C-4F22-A959-F4B8778D7844}) (Version: 10.28.0.19 - ExpressVPN) Hidden
HP Connection Optimizer (HKLM-x32...{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP Inc)
HP Documentation (HKLM...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Microsoft 365 - en-us (HKLM...\O365HomePremRetail - en-us) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32...\Microsoft Edge) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1867205174-823180755-3576545642-1001...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM...\OneNoteFreeRetail - en-us) (Version: 16.0.16731.20234 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM...{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32...{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32...{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32...{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32...{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32...{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM...\Mozilla Firefox 118.0.1 (x64 en-US)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 113.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM...{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32...{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - gamigo, Inc.) Hidden
Vacation Adventures: Park Ranger 11 Collector’s Edition (HKLM-x32...\WTA-85a07164-0f1b-4f3f-ad05-ed5bf20a10dc) (Version: 7.0.0.650 - WildTangent) Hidden
WildTangent Games (HKLM-x32...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.83 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32...{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 7.0.0.710 - WildTangent) Hidden
[HEADING=1]Packages:[/HEADING]
AMD Radeon Software → C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr 4m [2023-07-28] (Advanced Micro Devices Inc.) [Startup Task]
Cortana → C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1 005.0_x64__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Dropbox promotion → C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.20.0_x6 4__xbfy0k16fey96 [2023-08-31] (Dropbox Inc.)
HP Audio Center → C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.40.284. 0_x64__v10z8vjag6ke6 [2023-09-24] (HP Inc.)
HP Enhanced Lighting → C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.3.5.0_x64__ v10z8vjag6ke6 [2023-06-07] (HP Inc.)
HP PC Hardware Diagnostics Windows → C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnostics Windows_2.3.2.0_x64__v10z8vjag6ke6 [2023-07-28] (HP Inc.)
HP Privacy Settings → C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7 .0_x64__v10z8vjag6ke6 [2023-08-14] (HP Inc.)
HP QuickDrop → C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0 _x64__v10z8vjag6ke6 [2023-05-25] (HP Inc.)
HP Smart → C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1. 1056.0_x64__v10z8vjag6ke6 [2023-09-11] (HP Inc.)
HP Support Assistant → C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.30 .18.0_x64__v10z8vjag6ke6 [2023-09-22] (HP Inc.)
HP System Event Utility → C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1. 3.39.0_x64__v10z8vjag6ke6 [2023-09-29] (HP Inc.)
Microsoft Family → C:\Program Files\WindowsApps\MicrosoftCorporationII.Microsoft Family_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-25] (Microsoft Corp.)
Microsoft Whiteboard → C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.53 1.0_x64__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation)
Microsoft.AV1VideoExtension → C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1. 61781.0_x64__8wekyb3d8bbwe [2023-07-20] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS → C:\windows\SystemApps\Microsoft.WindowsAppRuntime. CBS_8wekyb3d8bbwe [2023-09-16] (Microsoft Corporation)
myHP → C:\Program Files\WindowsApps\AD2F1837.myHP_25.52334.606.0_x64 __v10z8vjag6ke6 [2023-09-09] (HP Inc.) [Startup Task]
OMEN Gaming Hub → C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6 [2023-09-27] (HP Inc.) [Startup Task]
Solitaire & Casual Games → C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Solitaire → C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848 563C1F_1.0.137.0_x64__kx24dqmazqk8j [2023-09-25] (Random Salad Games LLC)
Windows Feature Experience Pack → C:\windows\SystemApps\MicrosoftWindows.Client.File Exp_cw5n1h2txyewy [2023-09-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM-x32 → DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP luginx64.dll [2023-09-15] (HP Inc. → HP Inc.)
BHO-x32: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation → Microsoft Corporation)
BHO-x32: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP lugin.dll [2023-09-15] (HP Inc. → HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-17] (Microsoft Corporation → Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1867205174-823180755-3576545642-1001...\getscreen.me → hxxp://getscreen.me
IE trusted site: HKU\S-1-5-21-1867205174-823180755-3576545642-1001...\getscreen.me → hxxps://getscreen.me

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 01:24 - 2023-09-28 20:03 - 000000027 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1867205174-823180755-3576545642-1001\Control Panel\Desktop\Wallpaper → C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Host => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{655F518F-8375-4FD6-8A01-0ED1C28C061E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{F5FE29FA-F677-40AA-B1D3-792C75D69FFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{F9EBFB71-C9CD-42FE-BE2B-B9AF146B5827}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{7061D9E8-052D-4644-B105-536953C8B5AF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{C09F4B6C-6906-4FA8-B412-6879B833892B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{45B3844B-5FA2-4999-B98A-BDB04D91272E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{1108FB63-9B2D-42E1-BC12-22253A73D6BF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{E604324B-FCD4-481B-823D-96B390B9327D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{62D4C2BE-6C67-409B-9ACF-69A47275121D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{5CCA5F63-FA71-47C5-BB0D-20A7A91ADE47}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{0ACCD1FD-AB21-475D-982B-7D4AC52E159F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{DC9202EE-1ACF-40BA-B291-FD0AE573823A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{AE6E2E31-08E2-49D5-88D9-74ED832ADE14}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{E04948CC-C980-4E94-A07E-3D82E4734501}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{AD3E75B6-5036-44C9-ADAB-4C6FDF5B8FDC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{092EC0EC-693A-472C-BC02-C92DB3704B5A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{CFDFBC48-F22F-4DD7-A77B-4E8D69E190D4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{9CB6BE7F-9637-4054-98C1-CA680EEFBA22}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{31BB9DFC-4079-47E1-83E4-7274EB862586}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\H P.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{E9D0E3C3-0056-4065-87E9-67571153E176}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\O menCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{761835B3-B8EC-49B2-A76A-8797BAB01E30}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101. 2309.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\O menCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 → HP Inc.)
FirewallRules: [{F46698EF-DA0E-41DE-BE49-07A989E2DAEF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045 .43\msedgewebview2.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{61535DB1-6021-4EB0-ADCE-C33FA55706C6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1113.2398.2 671_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{A011E681-B377-4BAB-8836-472107268A82}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1113.2398.2 671_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)

==================== Restore Points =========================

19-09-2023 21:26:02 Windows Update
24-09-2023 04:11:16 Windows Update
24-09-2023 04:11:17 Windows Update
24-09-2023 04:11:20 Windows Update
27-09-2023 12:24:06 Windows Update
27-09-2023 12:24:12 Windows Update
28-09-2023 20:02:57 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
[HEADING=1]Application errors:[/HEADING]
Error: (09/29/2023 03:39:33 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x1d1c
Faulting application start time: 0x0x1d9f2a814f99d33
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: 939f2e06-6072-41d5-9198-5d3080cc345d
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 08:05:23 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x6e4
Faulting application start time: 0x0x1d9f268a438309b
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: 6a5105f3-0279-4c93-9cbe-b1865eeedc6b
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 08:02:57 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9891f386-f0d3-4d71-93f3-b53a2d933c83}

Error: (09/28/2023 03:48:16 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x3aa4
Faulting application start time: 0x0x1d9f244b92c827b
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: f9f4b1ba-453f-4992-b3f0-115b77c98fc3
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 03:44:07 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x1038
Faulting application start time: 0x0x1d9f24424fad9eb
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: daa620cf-a986-49b8-bf9c-1a9f78646087
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 09:53:49 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x2904
Faulting application start time: 0x0x1d9f21335407bcd
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: a25ad91f-a8ff-4c25-bab3-3e3146320a93
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 08:42:29 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x1160
Faulting application start time: 0x0x1d9f2093e18b148
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: 43f43466-cd52-4b54-8e87-3e7ba6abf15c
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate

Error: (09/28/2023 12:58:31 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-THSFR3B)
Description: Faulting application name: msteamsupdate.exe, version: 23231.411.2342.9597, time stamp: 0x64ed3548
Faulting module name: ucrtbase.dll, version: 10.0.22621.608, time stamp: 0xf5fc15a3
Exception code: 0xc0000409
Fault offset: 0x000000000007f61e
Faulting process id: 0x0x1034
Faulting application start time: 0x0x1d9f1c86ccc37a6
Faulting application path: C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.95 97_x64__8wekyb3d8bbwe\msteamsupdate.exe
Faulting module path: C:\windows\System32\ucrtbase.dll
Report Id: 2c65c7c2-39fc-4bea-b3f3-c12347a5a313
Faulting package full name: MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8b bwe
Faulting package-relative application ID: msteamsupdate
[HEADING=1]System errors:[/HEADING]
Error: (09/29/2023 03:40:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-THSFR3B)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (09/28/2023 08:41:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9P4W8RFN9M2T-AD2F1837.HPSystemEventUtility.

Error: (09/28/2023 08:05:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-THSFR3B)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (09/28/2023 08:03:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/28/2023 08:03:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (09/28/2023 08:03:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek Wireless Manager Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/28/2023 08:03:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (09/28/2023 08:03:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ID19 HP Fan Control Service service terminated unexpectedly. It has done this 1 time(s).
[HEADING=1]Windows Defender:[/HEADING]
Date: 2023-09-27 09:48:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-26 09:54:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-25 11:06:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-24 11:11:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-09-22 10:14:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2023-09-28 10:07:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-17 08:21:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-24 17:18:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-18 23:31:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Win dows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: AMI F.11 10/06/2022
Motherboard: HP 8AB6
Processor: AMD Ryzen 5 5600G with Radeon Graphics
Percentage of memory in use: 57%
Total physical RAM: 11615.19 MB
Available physical RAM: 4952.93 MB
Total Virtual: 12383.19 MB
Available Virtual: 3581.28 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.05 GB) (Free:415.94 GB) (Model: SAMSUNG MZVL4512HBLU-00BH1) NTFS

\?\Volume{0189727b-5fb9-416f-87e0-cd7069b78390}\ (Windows RE tools) (Fixed) (Total:0.61 GB) (Free:0.06 GB) NTFS
\?\Volume{8cb4b623-db8e-4600-a089-95690f1f30b2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 476.9 GB) (Disk ID: B551485D)

Partition: GPT.

==================== End of Addition.txt =======================

**jxdama** · 09-29-2023, 08:33 AM

I think i have too many folders now. here is a screenshot

[ATTACH type=“full”]12728[/ATTACH]

From my thread about Microsoft being locked up

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment