
Windows 10 Trojan message


67 replies to this topic

#16 husky1954

husky1954
  • Topic Starter
  • Members
  • 83 posts
  • Gender:Male
  • Location:Eagle, CO

Posted 21 June 2024 - 10:22 AM

Gary, I do not have a copy of FRST64.exe. Should I download a copy and run it?





#17 husky1954

Posted 21 June 2024 - 10:28 AM

I clicked on the link for 64. It put a copy of something called Unconfirmed 172091.crdownload in my downloads folder.



#18 Oh My!

Oh My!
    Adware and Spyware and Malware
  • Malware Response Instructor
  • 58,110 posts
  • Gender:Male
  • Location:California

Posted 21 June 2024 - 10:31 AM

Would you be able to download the program onto a USB device using your other computer?
Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#19 husky1954

Posted 21 June 2024 - 10:33 AM

No



#20 husky1954

Posted 21 June 2024 - 10:47 AM

Gary, can you email the software to my brother?

Edited by Oh My!, 21 June 2024 - 01:12 PM.


#21 husky1954

Posted 21 June 2024 - 11:35 AM

Gary, my brother downloaded FRST64.exe. I will drive over and get it on a thumb drive.



#22 husky1954

Posted 21 June 2024 - 01:28 PM

I tried to run FRST64. Clicked scan but I don't think it ran. Nothing posted to the desktop.



#23 Oh My!

Posted 21 June 2024 - 01:31 PM

Did you try to run FRST64.exe from the Desktop or the USB? Did you right click on it and select Run as administrator?


Edited by Oh My!, 21 June 2024 - 01:33 PM.

Gary 


#24 husky1954

Posted 21 June 2024 - 01:33 PM

USB



#25 Oh My!

Posted 21 June 2024 - 01:35 PM

Tell me if you can copy and paste FRST64.exe from the USB to the Desktop.


Gary 


#26 husky1954

Posted 21 June 2024 - 01:38 PM

Yes



#27 Oh My!

Posted 21 June 2024 - 01:42 PM

Boot back into Safe Mode. Right click on FRST64.exe and select Run as administrator. See if you can complete a scan.
Gary 


#28 husky1954

Posted 21 June 2024 - 02:01 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Ran by Main (administrator) on DESKTOP-8JE58SU (HP 750-427c) (21-06-2024 12:54:46)
Running from C:\Users\Main\Desktop\FRST64.exe
Loaded Profiles: Main
Platform: Microsoft Windows 10 Home Version 22H2 19045.4529 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Safe Mode (minimal)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2018-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1883704 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [423832 2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45626272 2024-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\Run: [MicrosoftEdgeAutoLaunch_76C40646BBD3800935311AFFC2552034] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883456 2024-06-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\Run: [Opera Browser Assistant] => C:\Users\Main\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3968928 2024-04-11] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31349528 2024-03-20] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\MountPoints2: {f87aa301-59f9-11ed-9672-dcfe07d4fea7} - "F:\LaunchU3.exe" -a
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX310 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD8Z.DLL [27648 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\windows\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX310 series: C:\windows\system32\CNMLM8Z.DLL [258560 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MX310: C:\windows\system32\CNCF2Ld.DLL [183296 2007-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\windows\system32\hpzlllhn.dll [58112 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-10-26]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {EDDB656E-CDE0-4982-8992-D90A71B5CD64} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A4769EED-4961-4E15-909E-5F6733C3692B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {C57ACA29-2F8D-441F-86E0-7D5ECDDD505B} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5079448 2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {DA9A0344-405D-4D9A-9161-97A7E8262337} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {E69B246B-B3CD-4E84-A946-313E9A6D64C2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {30DF480A-0C8B-46B1-8219-30444B96BFD3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-07] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c37bd6e1-6ba2-406e-ad25-5ed2e32bef7f" --version "6.25.11093" --silent
Task: {904FF389-292F-43D9-9541-772A5DE8426E} - System32\Tasks\CCleanerSkipUAC - Main => C:\Program Files\CCleaner\CCleaner.exe [39449504 2024-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DC880CD8-F4B3-4BED-9414-D5180410323D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2024-03-20] (Garmin International, Inc. -> )
Task: {6D809F57-0CA8-4961-BB3D-6162FD285272} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-05-13] (HP Inc. -> HP Inc.)
Task: {5271C275-62DE-402D-9B87-27EBBCA73777} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\/f
Task: {B6E30815-376D-484B-8B6D-FB2886F99A9B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {941D26F4-957D-47CA-950D-E1979845F466} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  /DeviceScanR6 (No File)
Task: {DF1E0514-6086-4485-BE1B-B4D45420E70A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {29C76D5B-AE91-4700-A12B-24E4C791682C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-18] (HP Inc. -> HP Inc.)
Task: {F7F315D0-C294-4B62-AFDD-FFEE7730336E} - System32\Tasks\HPEA3JOBS => C:\Program  -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {7E5A751D-55DE-4C6B-922B-29A61B8D28E4} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {0E0EC0F5-D9AA-4804-842F-DF6A371F7B4D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe  (No File)
Task: {808AAD00-8AC4-419C-9501-71740F18C908} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [494136 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {EA6965C3-928F-4BC9-914B-89E143D2663E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947768 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {C1633AFC-CB21-4F09-B1F9-82F0C40B434C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649272 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {436F5C59-BC52-4767-9FFC-DF8453784B97} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649272 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5323D2F-D106-4C32-9304-FBDA83B69A17} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1192D833-20FE-41DC-98B0-DF1A1515622F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [721976 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {54965C12-CF64-4E91-BD72-F145E59AD4BC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [721976 2017-07-21] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\--logon
Task: {44F4DA27-56A5-4F73-8772-1EBCF3D18C07} - System32\Tasks\Opera scheduled assistant Autoupdate 1703010764 => C:\Users\Main\AppData\Local\Programs\Opera\launcher.exe [1610144 2024-06-14] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Main\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AFBBD632-62CD-44C8-BCCB-8801DD3DF8F1} - System32\Tasks\Opera scheduled Autoupdate 1685974122 => C:\Users\Main\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5728672 2024-06-13] (Opera Norway AS -> Opera Software)
Task: {56FC7D46-A40C-4EC0-A575-1517B778BF46} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2018-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1C973358-9213-4806-9355-B4A128F4E57C} - System32\Tasks\update-S-1-5-21-3509614529-1817421791-1398712029-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {BE4B7FE3-521D-4E7C-B9C5-8CB69E14A923} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3509614529-1817421791-1398712029-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d27ffc8-7ff0-40c1-89b8-cea5d8bc1cbd}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}: [DhcpDomain] lan
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}\033443534454: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}\3456E647572797C496E6B643237313: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}\3456E647572797C496E6B643237313: [DhcpDomain] Home
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}\37861646F677279646765613: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f756bca5-0cd0-45e4-9a88-d4c2124cabc6}\741627975376: [DhcpNameServer] 24.248.131.30
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Main\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-21]
Edge DownloadDir: Default -> C:\Users\Main\Downloads
Edge Notifications: Default -> hxxps://www.jotform.com; hxxps://www.walkfitplatinumsale.com
Edge HomePage: Default -> hxxps://duckduckgo.com/
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Google Docs Offline) - C:\Users\Main\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Main\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
 
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-14] (Adobe Inc. -> Adobe Systems Inc.)
 
Opera: 
=======
OPR DefaultProfile: Default
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9026968 2024-06-11] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [761752 2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1198488 2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-09-16] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
S2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc. -> HP Inc.)
S2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [895552 2024-03-25] (HP Inc. -> HP Inc.)
S2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [894416 2024-03-25] (HP Inc. -> HP Inc.)
S2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
S2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [890832 2024-03-25] (HP Inc. -> HP Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-06-18] (HP Inc. -> HP Inc.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [894928 2024-03-25] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 IntuitUpdateServiceV4; C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [19840 2022-08-24] (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
S2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [181360 2016-06-21] (Intel® RMT -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8895072 2024-06-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-06-20] (Malwarebytes Inc. -> Malwarebytes)
S2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_7f14eb0fd6d4fd5b\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20424 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229832 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380360 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292808 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269768 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548808 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69168 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [939976 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [698424 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306744 2024-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34952 2016-06-21] (Intel® RMT -> Intel Corporation)
S2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221136 2024-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; \??\C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-06-21 12:54 - 2024-06-21 12:55 - 000023763 _____ C:\Users\Main\Desktop\FRST.txt
2024-06-21 12:54 - 2024-06-21 12:54 - 000000000 ____D C:\FRST
2024-06-21 12:37 - 2024-06-21 10:28 - 002395648 _____ (Farbar) C:\Users\Main\Desktop\FRST64.exe
2024-06-21 12:15 - 2024-06-21 12:15 - 000000000 ___HD C:\avast! sandbox
2024-06-21 09:23 - 2024-06-21 09:23 - 002395648 _____ (Farbar) C:\Users\Main\Downloads\Unconfirmed 172091.crdownload
2024-06-21 06:03 - 2024-06-21 06:03 - 1340125012 _____ C:\WINDOWS\MEMORY.DMP
2024-06-21 06:03 - 2024-06-21 06:03 - 002443996 _____ C:\WINDOWS\Minidump\062124-6968-01.dmp
2024-06-21 06:03 - 2024-06-21 06:03 - 000000000 ___HD C:\ProgramData\temp
2024-06-20 22:57 - 2024-06-21 12:53 - 000000000 ____D C:\Users\Main\AppData\Local\Malwarebytes
2024-06-20 22:57 - 2024-06-20 22:57 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-06-20 22:57 - 2024-06-20 22:57 - 000002088 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-06-20 22:57 - 2024-06-20 22:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-06-20 22:57 - 2024-06-20 22:57 - 000000000 ____D C:\Program Files\Malwarebytes
2024-06-20 22:54 - 2024-06-20 22:56 - 277685776 _____ (Malwarebytes) C:\Users\Main\Downloads\MBSetup-076981.076981-5.1.5.116 (1).exe
2024-06-20 20:47 - 2024-06-21 07:16 - 000001624 _____ C:\Users\Main\Desktop\Rkill.txt
2024-06-20 20:47 - 2024-06-20 20:47 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Main\Downloads\rkill.exe
2024-06-20 20:47 - 2024-06-20 20:47 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Main\Downloads\rkill64.exe
2024-06-20 18:26 - 2024-06-20 20:14 - 000000000 ____D C:\Users\Main\AppData\Local\ElevatedDiagnostics
2024-06-20 18:20 - 2024-06-21 12:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-06-20 18:20 - 2024-06-20 18:20 - 000000000 ____D C:\WINDOWS\pss
2024-06-16 21:30 - 2024-06-16 21:30 - 000056256 _____ C:\WINDOWS\system32\lc.dat
2024-06-12 05:44 - 2024-06-12 05:46 - 000000000 ___HD C:\$WinREAgent
2024-06-11 22:44 - 2024-06-11 22:44 - 000315288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-06-21 12:54 - 2020-11-06 08:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-21 12:54 - 2020-11-06 08:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-21 12:54 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-06-21 12:54 - 2016-10-26 07:20 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-21 12:34 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-21 12:14 - 2020-11-06 08:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-21 10:13 - 2017-02-10 15:16 - 000000000 ____D C:\Program Files\CCleaner
2024-06-21 09:56 - 2018-05-13 14:58 - 000000000 ____D C:\Users\Main\AppData\Local\D3DSCache
2024-06-21 06:07 - 2020-11-06 08:13 - 000936842 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-21 06:07 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-21 06:03 - 2024-04-07 07:24 - 000000000 ____D C:\WINDOWS\Minidump
2024-06-20 22:57 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-20 21:01 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-20 20:57 - 2017-10-19 09:13 - 000000000 ____D C:\Users\Main\AppData\Local\Packages
2024-06-20 20:45 - 2022-09-20 14:05 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-06-20 20:45 - 2017-12-30 18:15 - 000000000 ____D C:\ProgramData\AVAST Software
2024-06-20 20:20 - 2021-12-15 19:21 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-20 13:48 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-20 10:54 - 2022-09-20 14:05 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-06-20 10:54 - 2020-11-06 08:15 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-06-20 10:42 - 2020-06-19 01:17 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-18 08:29 - 2022-01-26 15:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-06-18 08:29 - 2022-01-26 15:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-06-17 12:25 - 2018-05-08 00:55 - 000000000 ____D C:\Users\Main\Documents\Help
2024-06-15 17:14 - 2022-10-11 06:17 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-06-15 17:14 - 2022-10-11 06:17 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-06-15 17:14 - 2020-11-06 08:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-06-14 06:03 - 2023-06-05 08:08 - 000004258 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1685974122
2024-06-14 06:03 - 2023-06-05 08:08 - 000001394 _____ C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2024-06-11 22:44 - 2020-12-10 05:51 - 000548808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-06-11 22:44 - 2020-11-06 08:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-06-11 22:44 - 2020-02-25 05:05 - 000269768 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-06-11 22:44 - 2019-01-24 17:34 - 000380360 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-06-11 22:44 - 2019-01-18 08:38 - 000292808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-06-11 22:44 - 2019-01-18 08:38 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-06-11 22:44 - 2019-01-18 08:38 - 000020424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-06-11 22:44 - 2018-10-23 09:49 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000939976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000698424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000306744 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000229832 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-06-11 22:44 - 2018-05-13 14:05 - 000069168 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-06-11 21:09 - 2020-11-06 08:09 - 000359864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-11 21:08 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-11 20:59 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-11 20:56 - 2020-11-06 08:13 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-11 20:46 - 2016-12-13 11:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-11 20:44 - 2016-12-13 11:49 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-06 04:50 - 2020-11-06 08:15 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-06 04:50 - 2020-11-06 08:15 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-31 15:20 - 2023-12-19 12:32 - 000003760 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1703010764
2024-05-31 15:20 - 2022-12-04 20:43 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2024-05-31 15:20 - 2021-08-18 16:50 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Main
2024-05-26 06:57 - 2018-07-10 16:30 - 000000000 ____D C:\ProgramData\Packages
2024-05-23 09:14 - 2016-12-13 09:49 - 000000000 ____D C:\Users\Main\AppData\Local\Comms
2024-05-22 14:49 - 2022-11-03 14:22 - 000000000 ____D C:\Users\Main\Documents\Recipes
 
==================== Files in the root of some directories ========
 
2024-04-07 21:51 - 2024-04-07 21:51 - 000003584 _____ () C:\Users\Main\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-06 16:27 - 2023-08-10 22:52 - 000007605 _____ () C:\Users\Main\AppData\Local\resmon.resmoncfg
2017-07-02 08:50 - 2017-07-02 08:50 - 000000003 _____ () C:\Users\Main\AppData\Local\updater.log
2017-07-02 08:50 - 2017-07-02 08:50 - 000000425 _____ () C:\Users\Main\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
 
safeboot: Minimal => The system is configured to boot to Safe Mode <==== ATTENTION
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.06.2024
Ran by Main (21-06-2024 12:55:36)
Running from C:\Users\Main\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4529 (X64) (2020-11-06 14:15:37)
Boot Mode: Safe Mode (minimal)
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3509614529-1817421791-1398712029-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3509614529-1817421791-1398712029-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3509614529-1817421791-1398712029-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3509614529-1817421791-1398712029-501 - Limited - Disabled)
Main (S-1-5-21-3509614529-1817421791-1398712029-1001 - Administrator - Enabled) => C:\Users\Main
WDAGUtilityAccount (S-1-5-21-3509614529-1817421791-1398712029-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.002.20857 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ANT Drivers Installer x64 (HKLM\...\{D2B4737B-0A1E-4C5B-AEB9-49A2BBD336ED}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.5.6116 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MX310 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 6.25 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7503 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Elevated Installer (HKLM-x32\...\{5D30B228-8185-473A-A710-59B503D0E631}) (Version: 7.20.3.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Garmin Express (HKLM-x32\...\{c6571d14-572e-41c8-ba10-46a74d5d0e01}) (Version: 7.20.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E57F5608-BBB3-4623-8062-86BA4081C0ED}) (Version: 7.20.3.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.111.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.2 - HP Inc.)
HP ePrint SW (HKLM\...\{1B1E721E-4843-465C-867F-E8651E5ABCD1}) (Version: 5.1.19895 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{70FF7FA8-1775-4D18-855B-DDB5AE876486}) (Version: 5.1.19895 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{804E6C19-C29C-4C2A-AB7D-84F657F36A1A}) (Version: 5.1.19895 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{9E79DC8C-9CBD-4BFF-B1C6-DDE56471600E}) (Version: 5.1.19895 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{2460D024-A262-43EE-B83B-D990D7188252}) (Version: 5.1.19895 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{b0ebf7ff-6b1a-4a92-9c85-6915be1962b9}) (Version: 5.1.19895 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{E1FE22DE-22EF-4235-A56A-287CE38AA584}) (Version: 5.1.19895 - HP Inc.) Hidden
HP JumpStart Bridge (HKLM-x32\...\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}) (Version: 1.3.0.423 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}) (Version: 1.3.423.0 - HP Inc.)
HP Orbit (HKLM\...\{1A083C69-5382-4CF9-8074-80EC050D9FC8}) (Version: 3.5.171.271 - HP) Hidden
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Orbit Service (HKLM\...\{B384505E-0FE1-4A0F-9E92-7C592276E0A4}) (Version: 2.5.171.271 - HP Inc) Hidden
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{C85AC2ED-2305-4137-A8BA-CC628F635C82}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel® Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2026.14.0.1676 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{38311187-61A3-493F-880A-CCA93718AFAE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{941C4885-7886-4BEA-A222-C6A187D5FD9F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{4EAF526C-F3AC-415F-839E-397DD2943BB4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{BAD8B014-371F-43A5-9004-FF2078BBDD18}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{82B8C0DF-94E9-4E42-B132-47F13CD5EE3C}) (Version: 15.9.1.1020 - Intel Corporation) Hidden
Intel® Ready Mode Technology (HKLM\...\{56F58306-9501-4933-8AC5-7079891D5AD0}) (Version: 1.1.70.525 - Intel Corporation)
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{F50984E6-5E69-4A75-B1A5-7F5B4D964EB0}) (Version: 19.11.1641.0703 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Malwarebytes version 5.1.5.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.5.116 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.61 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{22EDC529-0D1F-47E1-938E-6EB6BAB3E573}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{58147998-2831-44F6-B716-E2B25B697A35}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 551.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{4138A847-021B-4C26-B6BF-220B2446F603}) (Version: 4.14.9787 - Apache Software Foundation)
Opera Stable 110.0.5130.82 (HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\Opera 110.0.5130.82) (Version: 110.0.5130.82 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8237 - Realtek Semiconductor Corp.)
TurboTax 2022 (HKLM-x32\...\{E02EC8E6-200F-4BF9-AF32-572FEA31F457}) (Version: 022.000.0664 - Intuit Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
waziperStateIS (HKLM-x32\...\{CC134703-E6D7-49B5-AD75-FB05BC7D404E}) (Version: 022.000.0109 - Intuit Inc.) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
 
Packages:
=========
 
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.60.35.0_x64__gqbn7fs4pywxm [2024-06-05] (Drawboard)
Facebook -> C:\Program Files\WindowsApps\www.facebook.com-1C2D851A_2023.531.1.1_neutral__n468xs7erp6tc [2023-10-15] (www.facebook.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2024-03-06] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_154.1.1072.0_x64__v10z8vjag6ke6 [2024-06-18] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.35.35.0_x64__v10z8vjag6ke6 [2024-05-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.5081.0_x64__8wekyb3d8bbwe [2024-05-14] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-04-19] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)
Web Search from Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-06] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3509614529-1817421791-1398712029-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-06-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_7f14eb0fd6d4fd5b\nvshext.dll [2024-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2024-06-11] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-06-20] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {27F5BC6B-277A-43CC-B862-657877A6DF8B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {27F5BC6B-277A-43CC-B862-657877A6DF8B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3509614529-1817421791-1398712029-1001 -> {27F5BC6B-277A-43CC-B862-657877A6DF8B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-05-13] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-05-13] (HP Inc. -> HP Inc.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 05:47 - 2019-01-04 02:10 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2017-11-11 23:54 - 2017-11-11 23:55 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3509614529-1817421791-1398712029-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3509614529-1817421791-1398712029-1001\...\StartupApproved\Run: => "GarminExpress"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{70FBBAFF-20D0-4049-8A47-B63786FCE310}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{46767D32-3020-4E38-AFEB-4DA4A82FBB0F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{21459643-9A4C-47A2-A3A5-0977BF21D74D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{FB932164-9613-4FA1-9B00-24CBAB594058}] => (Allow) LPort=13148
FirewallRules: [{EE6EC17E-C737-44C9-84A2-3FD4A64F2836}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc. -> HP Inc.)
FirewallRules: [{942B64D2-C685-4949-BF5E-FB5E06A2BD48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{69239499-EF66-4708-B3E0-7BF3DB8C87EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{413BD4CC-F008-4FD3-A456-D85B7758650D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B32382F5-8D3B-4A9C-BF08-C96A0AE38C73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B8D1F70-AFE1-4496-9D4F-6E3E89DF4C09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{70402FE2-CA65-4AF0-A5B9-F35EA17D50AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C32A8119-3420-492F-9212-F40BAEC35922}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F654A43-AAE2-4C89-AF85-639B5969D1C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6CD3E50A-26F1-460F-927D-3C20D3797224}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C14479AF-DCC3-4A57-AB38-52F630B8C776}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1A8B0C72-B442-4561-BF8B-51AD5B769B4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C452E1FE-7FDC-47FE-9438-BA439F06B676}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A5850618-5026-4DBF-832B-CAF3F4E0A33F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5F5652EE-5733-4976-A462-55210727D1A1}] => (Allow) C:\Program Files (x86)\TurboTax\Individual 2022\32bit\CefSharp.BrowserSubprocess.exe (INTUIT INC. -> The CefSharp Authors)
FirewallRules: [{907292D4-25C6-4B70-9DB4-D0D0CDE9B0D7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{8820F8A3-21C7-474A-AF43-1AB7EAF30134}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{C5D86ADF-883D-4197-AD4D-40A097D74CEB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{4C5E0C7F-CA65-4850-9B81-4105EF9F39CE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{8DC7BFAF-678F-4E7A-A95C-93A51EEC9EDA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [{A5373CC8-D2E3-4198-A652-884D103B02F4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit ESD Test Certificate -> Intuit Inc.) [File not signed]
FirewallRules: [TCP Query User{2EF360C7-59A6-4268-A26C-7964E9C4D3FB}C:\users\main\appdata\local\programs\opera\opera.exe] => (Block) C:\users\main\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{930209A5-6110-401C-A9EF-52CA790B58A6}C:\users\main\appdata\local\programs\opera\opera.exe] => (Block) C:\users\main\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{12B81DFB-0281-4744-97B1-9C832DF327F1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44254165-B4C6-4DF7-B63F-1424ECA33A22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D1BFD09-66CD-46E8-820A-76B0581862B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25BF7A95-5727-4C21-A5E6-315F633C852A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F2A36A7-A8B0-4A23-A694-EE76B2971835}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
11-06-2024 11:54:08 Scheduled Checkpoint
11-06-2024 20:49:48 Windows Modules Installer
11-06-2024 20:51:46 Windows Modules Installer
20-06-2024 13:48:20 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-8JE58SU.local already in use; will try DESKTOP-8JE58SU-2.local instead
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 DESKTOP-8JE58SU.local. AAAA FD27:9EDD:78B7:0010:0000:0000:0000:03C0
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FD27:9EDD:78B7:0010:0000:0000:0000:03C0:5353   16 DESKTOP-8JE58SU.local. AAAA 2605:59C8:0089:3A10:0000:0000:0000:03C0
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-8JE58SU.local. AAAA FE80:0000:0000:0000:D4DE:6820:8BF3:4503
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-8JE58SU.local. AAAA FD27:9EDD:78B7:0010:0000:0000:0000:03C0
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-8JE58SU.local. AAAA FE80:0000:0000:0000:D4DE:6820:8BF3:4503
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-8JE58SU.local. AAAA FD27:9EDD:78B7:0010:0000:0000:0000:03C0
 
Error: (06/20/2024 08:45:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:   16 DESKTOP-8JE58SU.local. AAAA FE80:0000:0000:0000:D4DE:6820:8BF3:4503
 
 
System errors:
=============
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{6D18AD12-BDE3-4393-B311-099C346E6DF9}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{659CDEA7-489E-11D9-A9CD-000D56965251}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{BB6DF56B-CACE-11DC-9992-0019B93A3A84}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{1ECCA34C-E88A-44E3-8D6A-8921BDE9E452}
 
Error: (06/21/2024 12:56:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8JE58SU)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4D233817-B456-4E75-83D2-B17DEC544D12}
 
 
CodeIntegrity:
===============
Date: 2024-06-21 12:54:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2024-06-21 12:54:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.45 05/22/2019
Motherboard: HP 828A
Processor: Intel® Core™ i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 11%
Total physical RAM: 16329.56 MB
Available physical RAM: 14415.02 MB
Total Virtual: 18761.56 MB
Available Virtual: 17204.01 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:450.81 GB) (Free:351.13 GB) (Model: CT500MX500SSD1) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.7 GB) (Free:4.76 GB) (Model: CT500MX500SSD1) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (USB DISK) (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
 
\\?\Volume{685f49dd-25d3-435d-a448-5814b8782297}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{2db22ce2-6a5e-44ff-8039-34ef351b887a}\ (Windows RE tools) (Fixed) (Total:0.46 GB) (Free:0.01 GB) NTFS
\\?\Volume{8bea5e7e-17f6-424b-bce1-e6982152061a}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 066C2D81)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 496.6 MB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
==================== End of Addition.txt =======================


#29 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 58,110 posts
  • Gender:Male
  • Location:California
  • Local time:08:31 PM

Posted 21 June 2024 - 04:14 PM

Is FRST64.exe the only program you are currently having difficulty with?


Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#30 husky1954

husky1954
  • Topic Starter

  • Members
  • 83 posts
  • Gender:Male
  • Location:Eagle, CO
  • Local time:08:31 PM

Posted 21 June 2024 - 05:43 PM

I can only run FRST.exe in safe mode. I don't run any other programs. Just Microsoft Windows things. I had trouble last night running things, but did not make a log. Also had a hard time getting out of Safe mode. I only use this computer to get online.



