Sometimes, after I come back online after the sleep function, I notice my curser moving around by itself and I can't get control of it for up to a minute or so. Am I being hacked.
thx,
dOc
Below are my FRST.txt and ADDITION.txt, in that order.
thx,
dOc
Below are my FRST.txt and ADDITION.txt, in that order.
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by justc (administrator) on DESKTOP-BA7INRJ (Dell Inc. Inspiron 24-3455) (01-01-2023 14:47:53)
Running from C:\Users\justc\Downloads
Loaded Profiles: justc
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.233\DiscoverySrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Users\justc\AppData\Local\Programs\Messenger\Messenger.exe ->) (Facebook, Inc. -> ) C:\Users\justc\AppData\Local\Programs\Messenger\CrashpadHandlerWindows.exe
(cmd.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPasswordsExtensionHelper.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atieclxx.exe
(explorer.exe ->) (Facebook, Inc. -> Meta Platforms, Inc.) C:\Users\justc\AppData\Local\Programs\Messenger\Messenger.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0382934.inf_amd64_2ed1b7932d1f78d4\B381983\atiesrxx.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\108.0.5359.16\remoting_host.exe <2>
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\DriverStore\FileRepository\bluetoothmousethemenotificationdriver.inf_amd64_2e0b64a02f0c9539\BluetoothMouseThemeNotificationService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Ivan Chupin) [File not signed] C:\Program Files (x86)\SMARTHDD\SMARTHDD.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [711504 2022-12-22] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\Run: [BingWallpaperApp] => C:\Users\justc\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13998496 2022-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\MountPoints2: {f4333b36-6ee7-11ec-8e3d-b083feb8df2f} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MX340 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA5.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX340 series: C:\Windows\system32\CNMLMA5.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX340 series: C:\Windows\system32\CNCF2Lk.DLL [343552 2009-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
Startup: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-08-15]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A36F00F-364A-4E37-BB7D-544E03ED2E29} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [664928 2022-11-29] (Dell Inc -> Dell Inc.)
Task: {0B9C387E-3A01-4DB8-B2A9-C6F7351A1E10} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2022-07-15] () [File not signed]
Task: {0E28F604-DEFF-41D7-BCA0-65A5E8845127} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {14A5FAE3-1F89-4320-8353-6F600B169A67} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {19400D27-39FC-4818-A998-1B8B9C108AA0} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {2FCB3D62-A3D1-40EF-97E7-DB51C6CA653F} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {378353B2-5422-44FB-A685-DCE282F8290C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {37F548AC-2049-48A6-9117-86FC96FCF838} - System32\Tasks\CCleanerSkipUAC - justc => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3FA25305-CBC7-4BF5-83BA-51DBF9D20DE4} - System32\Tasks\Apple Diagnostics => C:\Users\justc\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2022-12-14] () [simlink -> ]
Task: {569051FA-09D8-4618-BBCA-DBD04B26DFE8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {62D46A31-4C44-47E1-A1EC-35341F5DCF4F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {74996FA3-37D0-4FCC-83C8-F6E8BAC7FDA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-29] (Google LLC -> Google LLC)
Task: {76EC075C-1ED9-4EC0-92A7-7C19606F01B8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57312 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {80D62C29-1659-4604-915A-6D19277CA511} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8264CA3B-37D3-4735-9ACB-27C556FE4270} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311528 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {86C89E62-171A-41CA-890F-2DB23E0F9E63} - System32\Tasks\EdgeRover\justc_EdgeRoverDASHelper => C:\Program Files\EdgeRover\resources\app.asar.unpacked\resources\EdgeRoverDASHelper.exe (No File)
Task: {95D136A8-C410-4B8C-8DC7-175A0045EB58} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "6e8a91e0-bbde-4008-93f3-4725c6261b2f" --version "6.07.10191" --silent
Task: {977B65AE-59B9-4296-8AC2-E5B2A66C94F0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7C67B71-13E9-4439-BAC5-86AA65BF4399} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8EE9FBA-B731-42D0-A484-6AB4657462A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-29] (Google LLC -> Google LLC)
Task: {AAE2544C-8EB8-43C7-BF9F-CAA76CBB46C0} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-620754403-3632115308-3318375796-1001 => C:\Users\justc\AppData\Local\Programs\Messenger\MessengerHelper.exe [2149112 2022-12-19] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {ACA4DB21-E812-4B21-8583-F12E97B0E7A7} - System32\Tasks\Microsoft\Windows\PLA\RPT2C74.tmp => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {ADFCB2AC-F96A-44C4-AB70-7CFC0C8D1809} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF8B8EC9-7512-415B-9848-E30C90070F0D} - System32\Tasks\EdgeRover\justc_EdgeRoverService => C:\Program Files\EdgeRover\resources\app.asar.unpacked\resources\service\EdgeRoverService.exe (No File)
Task: {B67B9C2E-FC33-4B60-818A-8D3671A03EA7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C16D848C-CC07-499F-AF01-1AFDC71F7C4E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {C33038FF-ED76-4262-B4E0-64D7BD40A6B2} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1708512 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CB90D3C6-17C2-41C6-8D88-3072C2BCFEF1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.233\WatchDog.exe [1053264 2022-07-25] (Bitdefender SRL -> Bitdefender)
Task: {D800C41A-999E-4A4F-A493-EB7E3D7AAC32} - System32\Tasks\SMARTHDD => C:\Program Files (x86)\SMARTHDD\SMARTHDD.exe [255488 2022-08-21] (Ivan Chupin) [File not signed]
Task: {E049A253-E39A-47C3-9399-6CFA0FD24B6C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {E684ABC8-969B-42B6-AF17-54FF38F8AD11} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-620754403-3632115308-3318375796-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F297A496-B815-48B3-A2C7-E87DDFCA431E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7E1E5C1-9460-49D1-A753-BAF3814DAC16} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [36000736 ] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FDC1D03B-9A3F-461E-8D72-72D818D9E46F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [263136 2022-08-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 206.225.75.225 206.225.75.226
Tcpip\..\Interfaces\{5f2dcd83-1228-47c9-9397-0c46375e6e80}: [DhcpNameServer] 206.225.75.225 206.225.75.226
Tcpip\..\Interfaces\{cdf983bd-e84a-4b67-84b6-7ae8058e3ee0}: [DhcpNameServer] 206.225.75.225 206.225.75.226
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.125,1]
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-01]
Edge Notifications: Default -> hxxps://greattypecaptcha.top; hxxps://mail.google.com; hxxps://pchelpforum.net; hxxps://www.bing.com; hxxps://www.paramountplus.com
Edge HomePage: Default -> hxxps://besthomepageever.com/
Edge StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2022-12-29]
Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-11-13]
Edge Extension: (Live Street View) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dcdhcaiphjchoklnfjafghlgahifnmma [2022-10-11]
Edge Extension: (Avira Password Manager) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-09-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-15]
Edge Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-15]
Edge Extension: (Norton Password Manager) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2022-11-29]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfbcdcnpokpoajjciilocoachedjkima [2022-11-13]
Edge Extension: (AVG Online Security) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2021-12-31]
Edge Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2022-11-13]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default [2023-01-01]
CHR Notifications: Default -> hxxps://twitter.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://besthomepageever.com/
CHR StartupUrls: Default -> "hxxps://www.foxnews.com/","hxxps://besthomepageever.com/"
CHR NewTab: Default -> Active:"chrome-extension://omdkehkdnojcndhhilglklegbakenkgb/newTab.html", Not-active:"chrome-extension://amlielhlgedcjnbkilihjhoheammcbgm/dist/index.html"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Extension: (Norton Password Manager) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2022-11-22]
CHR Extension: (Best Free Maps) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlielhlgedcjnbkilihjhoheammcbgm [2022-04-10]
CHR Extension: (DuckDuckGo) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-12-31]
CHR Extension: (Live Street View) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdhcaiphjchoklnfjafghlgahifnmma [2022-04-09]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-15]
CHR Extension: (Chrome Remote Desktop) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-08]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-12-20]
CHR Extension: (Sea Foam) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lahipjfggmgneaopcckkaipmoandaboo [2021-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-29]
CHR Extension: (Best Homepage Ever - New Tab Quick Launch) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdkehkdnojcndhhilglklegbakenkgb [2022-11-04]
CHR Extension: (iCloud Passwords) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2022-11-10]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-09]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-09]
CHR Extension: (Slides) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-08]
CHR Extension: (Docs) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-08]
CHR Extension: (Google Drive) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-08]
CHR Extension: (YouTube) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-08]
CHR Extension: (Sheets) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-08]
CHR Extension: (Gmail) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-08]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-10-09]
CHR Extension: (Avira Password Manager) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-10-03]
CHR Extension: (Avira Safe Shopping) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-03]
CHR Extension: (Avira Browser Safety) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-02]
CHR Profile: C:\Users\justc\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-09]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [55264 ] (Advanced Micro Devices Inc. -> AMD)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
R2 BluetoothMouseThemeNotificationService; C:\Windows\System32\DriverStore\FileRepository\bluetoothmousethemenotificationdriver.inf_amd64_2e0b64a02f0c9539\BluetoothMouseThemeNotificationService.exe [1071432 2021-10-24] (Microsoft Corporation -> Microsoft Corporation)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\108.0.5359.16\remoting_host.exe [74520 2022-10-23] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-25] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [789072 2022-07-25] (Bitdefender SRL -> Bitdefender)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2022-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [37808 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197088 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [76216 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2022-12-25] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-01 14:47 - 2023-01-01 14:47 - 002376192 _____ (Farbar) C:\Users\justc\Downloads\Unconfirmed 619325.crdownload
2023-01-01 14:36 - 2023-01-01 14:40 - 000050554 _____ C:\Users\justc\Downloads\Addition.txt
2023-01-01 14:34 - 2023-01-01 14:49 - 000036404 _____ C:\Users\justc\Downloads\FRST.txt
2023-01-01 14:33 - 2023-01-01 14:48 - 000000000 ____D C:\FRST
2023-01-01 14:32 - 2023-01-01 14:33 - 002376192 _____ (Farbar) C:\Users\justc\Downloads\FRST64.exe
2023-01-01 11:04 - 2023-01-01 11:04 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-01-01 11:04 - 2023-01-01 11:04 - 000003078 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2022-12-30 11:28 - 2022-12-30 11:28 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSnooker.lnk
2022-12-30 11:26 - 2022-12-30 11:27 - 029611448 _____ (Stratician ) C:\Users\justc\Downloads\setup2512.exe
2022-12-29 13:51 - 2022-12-29 13:51 - 000000189 _____ C:\Users\justc\Downloads\key (5).htm
2022-12-27 11:55 - 2022-12-27 11:55 - 000127226 _____ C:\Users\justc\Desktop\101169-large-551297.webp
2022-12-27 11:10 - 2022-12-27 11:10 - 000110104 _____ C:\Users\justc\Desktop\January 2023 woohooo.JPEG
2022-12-26 14:18 - 2022-12-26 14:18 - 000000017 _____ C:\Users\justc\Downloads\user_prefs
2022-12-26 13:32 - 2022-12-26 13:32 - 000000039 _____ C:\Users\justc\Downloads\key (4).htm
2022-12-26 13:30 - 2022-12-26 13:30 - 000000022 _____ C:\Users\justc\Downloads\key (3).htm
2022-12-26 13:27 - 2022-12-26 13:27 - 000000022 _____ C:\Users\justc\Downloads\key (2).htm
2022-12-26 13:21 - 2022-12-26 13:21 - 000000189 _____ C:\Users\justc\Downloads\key (1).htm
2022-12-25 11:37 - 2022-12-25 11:37 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-12-25 11:35 - 2022-12-25 11:35 - 000003522 _____ C:\Windows\system32\Tasks\AMDInstallUEP
2022-12-23 23:12 - 2022-12-23 23:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-23 23:12 - 2022-12-23 23:12 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-12-23 23:12 - 2022-12-23 23:12 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-12-23 16:29 - 2022-12-23 16:29 - 000007650 _____ C:\Users\justc\Desktop\INV_837247803_200279486_202212230536.pdf
2022-12-20 18:18 - 2022-12-20 18:18 - 000440792 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-18 13:03 - 2022-12-18 13:03 - 000000000 _____ C:\Users\justc\Downloads\trash_restore
2022-12-18 11:54 - 2022-12-18 11:54 - 002014932 _____ C:\Users\justc\Downloads\Vachement bien fait1.MP4
2022-12-17 12:52 - 2022-12-17 12:52 - 000329338 _____ C:\Users\justc\Desktop\December.JPEG
2022-12-17 12:27 - 2022-12-17 12:27 - 000001353 _____ C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-12-15 14:08 - 2022-12-15 14:08 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashboard.lnk
2022-12-15 14:08 - 2022-12-15 14:08 - 000002224 _____ C:\Users\justc\Desktop\Dashboard.lnk
2022-12-14 16:40 - 2022-12-14 16:40 - 000000000 ___HD C:\$WinREAgent
2022-12-14 15:46 - 2022-12-14 15:46 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-14 15:46 - 2022-12-14 15:46 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-03 17:43 - 2022-12-03 17:43 - 008601453 _____ C:\Users\justc\Downloads\10000000_5654869931296466_1581435753157793963_n.mp4
2022-12-02 12:48 - 2022-12-02 12:49 - 000000000 ___HD C:\Windows\msdownld.tmp
2022-12-02 12:47 - 2022-12-02 12:50 - 000000000 ____D C:\Windows\SysWOW64\directx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-01 14:40 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF
2023-01-01 14:38 - 2022-01-09 17:45 - 000000000 ____D C:\Users\justc\Documents\Outlook Files
2023-01-01 14:33 - 2021-12-31 20:03 - 000000000 ____D C:\Users\justc\AppData\Roaming\Messenger
2023-01-01 14:25 - 2021-12-31 20:03 - 000000000 ____D C:\Users\justc\AppData\Local\Messenger
2023-01-01 14:21 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-01 14:13 - 2021-12-29 20:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-01 11:39 - 2022-01-06 14:36 - 000000000 ____D C:\Users\justc\AppData\LocalLow\IGDump
2023-01-01 11:13 - 2021-12-31 08:10 - 000000000 ____D C:\Program Files\CCleaner
2023-01-01 11:03 - 2021-12-29 22:22 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-12-31 15:42 - 2022-01-14 11:32 - 000000000 ____D C:\Users\justc\AppData\Local\AMD_Common
2022-12-30 17:49 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness
2022-12-30 17:37 - 2021-12-29 19:46 - 000000000 ____D C:\Users\justc\AppData\Local\PlaceholderTileLogoFolder
2022-12-30 17:34 - 2021-12-29 19:37 - 000000000 ____D C:\Users\justc\AppData\Local\Packages
2022-12-30 17:34 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-30 14:35 - 2021-12-29 22:22 - 000000000 ____D C:\Users\justc\Desktop\Pool.Snooker
2022-12-30 13:32 - 2021-12-29 22:21 - 000002372 ____H C:\Users\justc\Documents\Default.rdp
2022-12-30 12:33 - 2022-01-29 16:39 - 000000000 ____D C:\Users\justc\AppData\Local\CrashDumps
2022-12-25 11:35 - 2022-11-27 11:11 - 000000021 _____ C:\Windows\system32\qsetup.txt
2022-12-22 08:38 - 2021-12-29 19:37 - 000000000 ____D C:\Users\justc\AppData\Local\D3DSCache
2022-12-20 18:23 - 2021-12-29 19:32 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-20 18:18 - 2022-09-17 20:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-20 18:18 - 2021-12-29 22:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-20 18:18 - 2021-12-29 22:22 - 000000000 ____D C:\Windows\Panther
2022-12-20 18:17 - 2019-12-07 04:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-12-20 18:16 - 2021-12-29 19:35 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-12-17 12:27 - 2022-11-03 12:16 - 000000000 ____D C:\Users\justc\AppData\Local\PCHealthCheck
2022-12-17 12:23 - 2021-12-29 22:23 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-16 12:10 - 2021-12-29 20:28 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-15 14:05 - 2022-01-13 19:19 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-15 14:05 - 2022-01-13 19:19 - 000000000 ____D C:\Program Files (x86)\Western Digital
2022-12-15 04:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-15 04:04 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 16:59 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-14 16:36 - 2022-01-09 13:15 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-14 16:34 - 2022-01-10 21:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-14 16:33 - 2019-12-07 04:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-12-14 15:51 - 2021-12-29 21:51 - 000000000 ____D C:\Windows\system32\MRT
2022-12-14 15:46 - 2021-12-30 19:25 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-620754403-3632115308-3318375796-1001
2022-12-14 15:42 - 2021-12-29 21:50 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-09 09:07 - 2021-12-29 22:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-05 12:51 - 2022-08-12 08:26 - 000000000 ____D C:\ProgramData\Dell
2022-12-04 14:03 - 2021-12-29 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPool
2022-12-04 14:03 - 2021-12-29 21:23 - 000000000 ____D C:\Program Files (x86)\iPool
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-03 04:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-02 13:26 - 2021-12-29 22:25 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
==================== Files in the root of some directories ========
2022-08-02 18:09 - 2022-08-02 18:09 - 000000128 _____ () C:\Users\justc\AppData\Local\PUTTY.RND
2022-01-16 10:20 - 2022-01-16 10:20 - 000000017 _____ () C:\Users\justc\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by justc (01-01-2023 14:50:50)
Running from C:\Users\justc\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2021-12-30 03:26:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-620754403-3632115308-3318375796-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-620754403-3632115308-3318375796-503 - Limited - Disabled)
Guest (S-1-5-21-620754403-3632115308-3318375796-501 - Limited - Disabled)
justc (S-1-5-21-620754403-3632115308-3318375796-1001 - Administrator - Enabled) => C:\Users\justc
WDAGUtilityAccount (S-1-5-21-620754403-3632115308-3318375796-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.06.10.651 - Advanced Micro Devices, Inc.)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.6.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{c63a1907-428b-458b-935e-e61aad4aac6e}) (Version: 4.06.10.651 - Advanced Micro Devices, Inc.) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1188.1 - AVG Technologies) Hidden
Bing Wallpaper (HKLM-x32\...\{99B0DEA2-5306-4BCB-B918-5E945747F7F9}) (Version: 1.0.9.9 - Microsoft Corporation)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.233 - Bitdefender)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Chrome Remote Desktop (HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\a5b77247be259ab1079f41093182062e) (Version: 1.0 - Google\Chrome)
Chrome Remote Desktop Host (HKLM-x32\...\{2DE3AD95-4E56-49E6-ADA5-30D9D0666F5E}) (Version: 108.0.5359.16 - Google LLC)
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 3.7.2.5 - Western Digital Corporation)
Dell SupportAssist (HKLM\...\{B5DCDCBD-BBB3-4A09-A496-E2FB05EC56CE}) (Version: 3.13.0.236 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.)
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Flash Snooker Game version 1.7.96.50 (HKLM-x32\...\{B843DD61-F881-4C94-B013-51D04B1B1333}_is1) (Version: 1.7.96.50 - Brandon Phillips)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Grammarly for Microsoft® Office Suite (HKLM\...\{D55C414A-684A-4B84-A003-C248B40FD7C6}) (Version: 6.8.263 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\{54da24a3-a032-400b-8762-669a8bf92df5}) (Version: 6.8.263 - Grammarly)
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000150-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.150.0.6 - Intel Corporation)
iPool version 2.3.0201 (HKLM-x32\...\ipool_memir_is1) (Version: 2.3.0201 - Stratician)
iSnooker version 2.5.12 (01) (HKLM-x32\...\{BE5FCCBF-5CBB-487E-AC94-882028E1448C}_is1) (Version: 2.5.12 (01) - Stratician)
Malwarebytes version 4.5.19.229 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.19.229 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Messenger (HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 172.0.430522017 - Facebook, Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM-x32\...\{67950e91-8f8f-4d75-9252-7cca68ccdacc}) (Version: 6.0.9.31619 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\{5F8D931D-B230-47F3-A9C0-0C8CA459A332}) (Version: 4.0.1460.0 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32\...\{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32\...\{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.210323 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
SMARTHDD (HKLM-x32\...\SMARTHDD) (Version: 7.4.0.9873 - Ivan Chupin)
SnookerQ version 0.1.666 (HKLM-x32\...\{45190E74-5CE1-4CF3-9F65-D73F7E69F658}_is1) (Version: 0.1.666 - SnookerQ Inc.)
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{3014bd63-c388-4f5c-8fb5-d45d99b75f0e}) (Version: 1.0.2.14 - Western Digital Corporation) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-10-24] (Canon Inc.)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2022-10-24] (Canon Inc.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.5.0_x64__htrsf667h5kn2 [2022-12-01] (Dell Inc)
Discus Fish Aquarium -> C:\Program Files\WindowsApps\29889GeliosSoftware.DiscusFishAquarium_1.2.1.0_x64__d2p0bq4t3had4 [2022-12-30] (Gelios Software)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-20] (Disney)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2022-12-14] (Apple Inc.) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-10-24] (Microsoft Corporation)
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.2.0_x86__y5c4dfz5b21fm [2022-10-24] (Any DVD & Office App)
Paramount+ -> C:\Program Files\WindowsApps\2BDFC20A.CBS_1.0.1.0_neutral__bd059sf7kn2rm [2022-10-24] (CBS Interactive Inc.)
PC Manager S Mode -> C:\Program Files\WindowsApps\5982pcswpddeveloper.16028E6FE3875_13.0.2.0_x64__k2w57m4nm2t5j [2022-10-24] (pcswpddeveloper)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-24] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.120.0_x64__pwbj9vvecjh7j [2022-12-14] (Amazon Development Centre (London) Ltd)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-08] (Spotify AB) [Startup Task]
VPN Unlimited - Secure & Private Internet Connection for Anonymous Web Surfing -> C:\Program Files\WindowsApps\89E2DF08.VPNUnlimited-SecurePrivateInternetConnect_9.0.11.0_x64__6bkczb78q4msy [2022-12-24] (KeepSolid Inc.) [Startup Task]
Warm Winter Nights -> C:\Program Files\WindowsApps\Microsoft.WarmWinterNights_1.0.0.0_neutral__8wekyb3d8bbwe [2022-12-30] (Microsoft Corporation)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-10-24] (Matt Hafner)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2022-11-08] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2022-11-08] (Microsoft Corporation)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.21248.0_x64__8wekyb3d8bbwe [2022-12-13] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-620754403-3632115308-3318375796-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\justc\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.8.263\80F4D9F740\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-620754403-3632115308-3318375796-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\justc\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.8.263\80F4D9F740\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-620754403-3632115308-3318375796-1001_Classes\CLSID\{4ECB6B49-DFEA-49B5-851F-5DDF43D402C7} -> [iCloud Photos] => C:\Users\justc\Pictures\iCloud Photos\Photos
CustomCLSID: HKU\S-1-5-21-620754403-3632115308-3318375796-1001_Classes\CLSID\{93E188C0-09FA-4FBC-9423-641F49132240} -> [iCloud Drive] => C:\Users\justc\iCloudDrive
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => -> No File
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-10] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-10] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\justc\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__pokmkoiooknndbddmgmaolnlgelpkhep\Paramount+.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=pokmkoiooknndbddmgmaolnlgelpkhep --app-url=hxxps://www.paramountplus.com/ --app-launch-source=4
ShortcutWithArgument: C:\Users\justc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
==================== Loaded Modules (Whitelisted) =============
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-07-15 08:57 - 2022-07-15 08:57 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2022-07-15 08:57 - 2022-07-15 08:57 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2022-08-02 09:34 - 2022-08-02 09:34 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2022-08-02 09:33 - 2022-08-02 09:33 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2022-01-02 16:37 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2022-01-09 13:21 - 2022-01-09 13:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2022-01-09 13:21 - 2022-01-09 13:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-09 18:48 - 2021-03-09 18:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 04:14 - 2019-12-07 04:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2022-04-05 20:19 - 2022-07-28 16:22 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKCU\Environment\\Path -> %SystemRoot%\System32\Wbem;C:\Users\justc\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\justc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 206.225.75.225 - 206.225.75.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_46C0173F98CBD0BEB36BBC1DDC54FE9A"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\StartupApproved\Run: => "eM Client"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-620754403-3632115308-3318375796-1001\...\StartupApproved\Run: => "BingWallpaperApp"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8A2D3346-C5CD-4B27-9A06-5D08D983F478}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99908431-F2BB-4DED-950E-AED370314106}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72D43BE3-2EFE-4CDA-B7B5-E83D8940167D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3630AA2-CC64-40D9-BCC3-235066D049D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A6EFBBE-CEE1-4896-A1BB-5792F77A5139}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39BCABCC-AE5C-4874-B608-D7515D6790C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D32E7389-34A9-4211-B04E-1CA6C92BF592}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{980029E5-F9F0-438A-8FA2-DC2075BBA63A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{163C58A8-A6AB-43B1-B0FD-F1743235BD1C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C04DE238-49CD-4C5D-9630-414ED5DE1DFE}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{B1EEE5EC-7055-4674-9370-D8E9C55D9947}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{D2B9C7F2-EA52-4A67-AAF4-5875B70C501F}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{9038B1A2-4390-4B03-81D7-C9E00AB6AB28}] => (Allow) C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{F475800E-C2F6-48CA-AFF1-CC75EB95D72E}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDLink.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{B4CCFE4E-BE2C-4718-BE0D-E97BCC9197EA}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\108.0.5359.16\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{4210B52E-D4FA-4D20-ACCD-5F5F62A430CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0F5F2CD7-1767-4DA0-B834-0A3728AE5CFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BBB7345-8285-4D3F-BC62-F9C032DA9B0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E781BB85-2D13-4372-95F3-F4FE628BE373}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA570AD9-3CA7-42E2-B3E0-589B486D9E6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B8010FB-9FFF-494F-93F7-FF9DF382CF41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A77A996A-D763-494D-8691-05BC251102AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B3DABDF-3B22-46A3-B14C-126D4715520D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46454D10-E538-4707-95C1-5A8E5840BD2A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{898B6A4D-1E34-4397-B89E-6CAC7A0432C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA69E265-4A04-4988-B0C0-570E60E8BDB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C016F2A-A35B-4AD6-8862-1833C3B90B03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF502498-2B01-47DF-9BBA-A75F8C7342DE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F4ADDE4-D5A4-4E7D-A2A4-6C4F1E529C5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
25-12-2022 11:56:27 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/30/2022 08:54:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2364 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4160
Start Time: 01d91cbab2bc2b84
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 2c363d7b-f49e-4a1d-a16c-6b7e84073c4a
Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
Error: (12/30/2022 08:37:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2364 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4c08
Start Time: 01d91c9f5774d63c
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 8e2b115a-bd74-4ce7-b949-da778087a338
Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
Error: (12/30/2022 08:29:47 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: YourPhoneAppProxy.exe
Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
Message: Cannot use file stream for [C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.deps.json]: No such file or directory
Error: (12/30/2022 08:29:13 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: YourPhoneAppProxy.exe
Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
Message: Cannot use file stream for [C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.deps.json]: No such file or directory
Error: (12/30/2022 08:29:06 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: YourPhoneAppProxy.exe
Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
Message: Cannot use file stream for [C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.deps.json]: No such file or directory
Error: (12/30/2022 05:25:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2364 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 342c
Start Time: 01d914cad646bc96
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 3fa1afda-7f53-49d9-934e-c9cd95c0cd01
Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
Error: (12/30/2022 12:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: isnooker.exe, version: 1.0.0.1, time stamp: 0x63ae96e5
Faulting module name: isnooker.exe, version: 1.0.0.1, time stamp: 0x63ae96e5
Exception code: 0xc0000005
Fault offset: 0x0007ed30
Faulting process id: 0x3b2c
Faulting application start time: 0x01d91c6bbcb49c72
Faulting application path: C:\Program Files (x86)\Documents\isnooker.exe
Faulting module path: C:\Program Files (x86)\Documents\isnooker.exe
Report Id: 6e71118e-ed7c-4c0c-bdc4-51794980f17a
Faulting package full name:
Faulting package-relative application ID:
Error: (12/29/2022 12:38:31 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: YourPhoneAppProxy.exe
Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
Message: Cannot use file stream for [C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.deps.json]: No such file or directory
System errors:
=============
Error: (01/01/2023 02:42:20 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 02:40:26 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 02:40:26 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 02:27:20 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 02:12:20 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 01:57:20 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 01:42:19 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Error: (01/01/2023 01:27:19 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 1 (PDO name: \Device\0000003b) failed due to a hardware error.
Windows Defender:
================
Date: 2022-12-12 15:04:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-12-08 15:11:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-12-06 15:10:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-12-05 14:16:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-12-04 19:25:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-12-03 04:50:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1344.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2022-12-03 04:50:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1344.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2022-12-03 04:50:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1344.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2022-12-03 04:50:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1344.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2022-12-03 04:50:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.1344.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2023-01-01 14:37:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 4.3.0 08/10/2016
Motherboard: Dell Inc. 03PYWR
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 52%
Total physical RAM: 15297.18 MB
Available physical RAM: 7254.15 MB
Total Virtual: 19674.2 MB
Available Virtual: 6983.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:929.83 GB) (Free:853.24 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
\\?\Volume{ac8a3d3f-7a87-425d-9063-8c0fb9e32416}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{82cb100e-1fa4-497d-79dd-e0991af04956}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:1.05 GB) NTFS
\\?\Volume{1352e1de-3d36-4d8f-8cdc-8032dedbee11}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Last edited by a moderator: