• Location:
    • Home » Technology » Got message saying do not restart or use your computer

Got message saying do not restart or use your computer

techholyland 1395

I can't seem to get this message off my screen.Anyway here are the log files

Got message saying do not restart or use your computer

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2022
Ran by 12567 (administrator) on DESKTOP-019UCIE (HP HP Slimline Desktop PC 270-p0xx) (16-05-2022 20:49:53)
Running from C:\Users\12567\Desktop
Loaded Profiles: 12567
Platform: Microsoft Windows 10 Home Version 21H1 19043.1706 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Charter Security Suite\fs_ui_32.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\ui\fsmainui.exe
(C:\Program Files (x86)\Charter Security Suite\fshoster32.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fs_ui_32.exe
(C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fshoster64.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\FsPisces.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\igfxCUIService.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\igfxEM.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe <8>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fshoster64.exe <2>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsorsp64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsulprothoster.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\igfxCUIService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.549981c3f5f10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-02] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006C2043-77D3-416A-85DF-0AAD9971C666} - System32\Tasks\GoogleUpdateTaskMachineCore{F7CFA107-B0BF-4BBA-8DFE-D21E6A3A3B55} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-11] (Google LLC -> Google LLC)
Task: {02F811D7-CFC4-4B11-806A-042083453C8B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-28] (HP Inc. -> HP Inc.)
Task: {19CAC551-31ED-47DD-A6CB-205719B7B7B1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {1D8E4384-44C4-4EF4-B684-6AB3992DD3BE} - \Hewlett-Packard\HP Support Assistant\Product Configurator -> No File <==== ATTENTION
Task: {2F04C2C5-33F6-4BCE-BDAC-6A677D006488} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Charter Security Suite\fs_hotfix.exe [291992 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {390E864D-2A01-4EC5-9184-001280DCE480} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {49810E68-DE3D-470E-AAB6-835C19E805DC} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-04-28] (HP Inc. -> HP Inc.)
Task: {5D98D8C0-F572-4D29-8B04-5C1D25EA0393} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {601ACA37-8190-438C-A569-1FB844BFF412} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {64D445F3-4838-4B6F-A7B1-A773A5069435} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1057648 2017-09-27] (HP Inc. -> HP Inc.)
Task: {658E7034-E823-4ADE-81C4-CFEE29EFA6BE} - System32\Tasks\CCleanerSkipUAC - 12567 => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {67B5A589-8B6A-4C7F-A87F-AA497676436D} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {83282EEB-3A30-42A0-89DA-A0286DFB2C42} - \HPJumpStartLaunch -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {9051F8E3-A1F4-40A9-9C9B-7FD945BB33E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {90D8AC3B-77AE-45D0-B37B-F283AF8BE17B} - System32\Tasks\GoogleUpdateTaskMachineUA{999D8CB3-FE3A-4568-9481-BD588428617B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-11] (Google LLC -> Google LLC)
Task: {924AAE1B-A930-4E3C-847E-DB2AD2A68B15} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {9DDD16BB-8857-41AC-91A5-32E5CC613125} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A44C9BA9-420D-4E83-B2C3-C159D990DC07} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1057648 2017-09-27] (HP Inc. -> HP Inc.)
Task: {AC605C1B-F8E3-405C-A160-CA3E3C77A100} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {AC761CB0-BEBB-4B6E-8FFA-595F39A8FB9E} - \HPEA3JOBS -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {D69E98AD-CA98-4239-83B2-A773EB3181EC} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {E14B0C43-9E0D-4F23-8A6A-A151E6A403AA} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {F85F0F3A-C567-4753-87F7-0171420E57E7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c02a1c66-44ae-4528-9811-a51921a9687b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d1a4efaf-7448-4e55-8460-b97957e03018}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\12567\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-08]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\12567\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2022-04-14]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]

FireFox:
========
FF DefaultProfile: j917guwc.default
FF ProfilePath: C:\Users\12567\AppData\Roaming\Mozilla\Firefox\Profiles\j917guwc.default [2022-05-16]
FF ProfilePath: C:\Users\12567\AppData\Roaming\Mozilla\Firefox\Profiles\8mrf26rb.default-release [2022-05-16]

Chrome:
=======
CHR Profile: C:\Users\12567\AppData\Local\Google\Chrome\User Data\Default [2022-05-16]
CHR Extension: (Google Docs Offline) - C:\Users\12567\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-11]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\12567\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2022-04-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\12567\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-11]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fshoster64.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fshoster64.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsorsp64.exe [107208 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsulprothoster.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1325864 2017-07-25] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-28] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-16] (Malwarebytes Inc. -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-02-10] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [103888 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsulgk.sys [404512 2022-04-28] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [51736 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15816 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\Charter Security Suite\Ultralight\nif2\1643898281\nif2s64.sys [172480 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194512 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [70088 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-05-16] (Malwarebytes Inc. -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-16 20:49 - 2022-05-16 20:52 - 000020205 _____ C:\Users\12567\Desktop\FRST.txt
2022-05-16 20:49 - 2022-05-16 20:46 - 002366976 _____ (Farbar) C:\Users\12567\Desktop\FRST64.exe
2022-05-16 20:48 - 2022-05-16 20:50 - 000000000 ____D C:\FRST
2022-05-16 20:46 - 2022-05-16 20:46 - 002366976 _____ (Farbar) C:\Users\12567\Downloads\FRST64.exe
2022-05-16 20:42 - 2022-05-16 20:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-05-16 20:42 - 2022-05-16 20:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-05-16 20:42 - 2022-05-16 20:42 - 000000000 ____D C:\Users\12567\AppData\Roaming\Mozilla
2022-05-16 20:42 - 2022-05-16 20:42 - 000000000 ____D C:\Users\12567\AppData\LocalLow\Mozilla
2022-05-16 20:42 - 2022-05-16 20:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-05-16 20:40 - 2022-05-16 20:40 - 000338608 _____ (Mozilla) C:\Users\12567\Downloads\Firefox Installer (1).exe
2022-05-16 20:39 - 2022-05-16 20:42 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-05-16 20:39 - 2022-05-16 20:42 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-05-16 20:39 - 2022-05-16 20:39 - 000000000 ____D C:\Users\12567\AppData\Local\Mozilla
2022-05-16 20:38 - 2022-05-16 20:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-05-16 20:38 - 2022-05-16 20:38 - 000338608 _____ (Mozilla) C:\Users\12567\Downloads\Firefox Installer.exe
2022-05-16 20:32 - 2022-05-16 20:32 - 000070088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-05-16 20:31 - 2022-05-16 20:31 - 000194512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-05-16 20:31 - 2022-05-16 20:31 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-05-16 20:07 - 2022-05-16 20:08 - 000000000 ____D C:\AdwCleaner
2022-05-16 20:07 - 2022-05-16 20:07 - 008551608 _____ (Malwarebytes) C:\Users\12567\Downloads\AdwCleaner (2).exe
2022-05-16 20:07 - 2022-05-16 20:07 - 008551608 _____ (Malwarebytes) C:\Users\12567\Downloads\AdwCleaner (1).exe
2022-05-16 20:06 - 2022-05-16 20:07 - 008551608 _____ (Malwarebytes) C:\Users\12567\Downloads\AdwCleaner.exe
2022-05-16 19:23 - 2022-05-16 19:23 - 000000000 ____D C:\Users\12567\AppData\Local\mbam
2022-05-16 19:22 - 2022-05-16 19:22 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-05-16 19:22 - 2022-05-16 19:22 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-05-16 19:22 - 2022-05-16 19:22 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-16 19:22 - 2022-05-16 19:22 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-16 19:22 - 2022-05-16 19:21 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-05-16 19:21 - 2022-05-16 19:21 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-05-16 19:21 - 2022-05-16 19:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-16 19:21 - 2022-05-16 19:21 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-16 19:20 - 2022-05-16 19:20 - 002443448 _____ (Malwarebytes) C:\Users\12567\Downloads\MBSetup-130589.130589-consumer (3).exe
2022-05-16 19:19 - 2022-05-16 19:19 - 002443448 _____ (Malwarebytes) C:\Users\12567\Downloads\MBSetup-130589.130589-consumer (2).exe
2022-05-16 19:16 - 2022-05-16 19:16 - 002443448 _____ (Malwarebytes) C:\Users\12567\Downloads\MBSetup-130589.130589-consumer (1).exe
2022-05-16 19:15 - 2022-05-16 19:16 - 002443448 _____ (Malwarebytes) C:\Users\12567\Downloads\MBSetup-130589.130589-consumer.exe
2022-05-11 03:26 - 2022-05-11 03:26 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-11 03:25 - 2022-05-11 03:25 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-11 03:24 - 2022-05-11 03:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-11 02:53 - 2022-05-11 02:53 - 000000000 ___HD C:\$WinREAgent
2022-05-01 15:49 - 2022-05-01 15:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-04-28 23:42 - 2022-04-28 23:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-04-22 19:48 - 2022-04-22 19:48 - 000374944 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip
2022-04-22 19:48 - 2022-04-22 19:48 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2022-04-21 23:06 - 2022-04-21 23:06 - 000000000 ____D C:\Program Files\PCHealthCheck

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-16 20:35 - 2022-04-12 09:28 - 000000000 ____D C:\Program Files\CCleaner
2022-05-16 20:35 - 2022-04-11 16:29 - 000910856 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-16 20:35 - 2022-04-11 13:45 - 000000000 ____D C:\WINDOWS\INF
2022-05-16 20:34 - 2022-04-11 20:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-16 20:33 - 2022-04-11 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-16 20:31 - 2022-04-11 17:28 - 000000000 __SHD C:\Users\12567\IntelGraphicsProfiles
2022-05-16 20:31 - 2022-04-11 16:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-16 20:30 - 2022-04-11 15:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-16 20:30 - 2022-04-11 13:27 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-16 20:24 - 2022-04-11 15:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-16 19:22 - 2022-04-11 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-15 10:20 - 2022-04-11 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-15 10:20 - 2022-04-11 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-15 04:39 - 2022-04-11 16:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-11 17:44 - 2022-04-11 15:59 - 000258688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-11 17:40 - 2022-04-11 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-11 03:35 - 2022-04-11 13:38 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-11 02:51 - 2022-04-11 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 02:47 - 2022-04-11 19:03 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 03:32 - 2022-04-11 16:02 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-10 03:32 - 2022-04-11 16:02 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-05-09 17:19 - 2022-04-11 17:34 - 000000000 ____D C:\Users\12567\AppData\Local\PlaceholderTileLogoFolder
2022-05-04 22:43 - 2022-04-11 17:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3292964692-1604838336-1727243791-1001
2022-05-04 22:43 - 2022-04-11 17:32 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3292964692-1604838336-1727243791-1001
2022-05-04 22:43 - 2022-04-11 17:26 - 000002390 _____ C:\Users\12567\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-02 14:37 - 2022-04-11 20:24 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-02 14:37 - 2022-04-11 20:24 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-05-01 22:58 - 2022-04-11 13:27 - 000000000 ____D C:\WINDOWS\servicing
2022-05-01 16:04 - 2022-04-12 10:18 - 000000000 ____D C:\Users\12567\AppData\Local\F-Secure
2022-04-28 23:42 - 2022-04-13 18:49 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-04-21 23:06 - 2022-04-11 19:09 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-19 17:29 - 2022-04-11 20:23 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{999D8CB3-FE3A-4568-9481-BD588428617B}
2022-04-19 17:29 - 2022-04-11 20:23 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{F7CFA107-B0BF-4BBA-8DFE-D21E6A3A3B55}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2022
Ran by 12567 (16-05-2022 20:54:17)
Running from C:\Users\12567\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1706 (X64) (2022-04-11 21:30:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

12567 (S-1-5-21-3292964692-1604838336-1727243791-1001 - Administrator - Enabled) => C:\Users\12567
Administrator (S-1-5-21-3292964692-1604838336-1727243791-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3292964692-1604838336-1727243791-503 - Limited - Disabled)
Guest (S-1-5-21-3292964692-1604838336-1727243791-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3292964692-1604838336-1727243791-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Security Suite by F-Secure (Enabled - Up to date) {67E93A7F-FDB2-39E8-E991-EA71E0926EF7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.54 - Google LLC)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.7.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{4B0A7A8A-ECE5-4639-9A0D-C535F354313D}) (Version: 1.4.26 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000080-0190-1033-84C8-B8D95FA3C8C3}) (Version: 19.80.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\...\OneDriveSetup.exe) (Version: 22.077.0410.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 100.0.1 (x64 en-US)) (Version: 100.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0.1 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31237 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
Security Suite (HKLM-x32\...\{235B3536-A54E-4072-905F-FEFC431CEB2C}) (Version: 18.2 - F-Secure Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.19 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 5.0.0.305 - WildTangent) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.27.1.0_x64__6rarf9sa4v8jt [2022-04-22] (Disney)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-04-11] (Dropbox Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2022-04-11] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-28] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.15128.20224.0_x86__8wekyb3d8bbwe [2022-05-15] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\cyberlinkcorp.hs.powermediaplayer14forhpconsumerpc_14.2.9528.0_x86__06qsbagp91rvg [2022-04-11] (CYBERLINKCOM CORP)
Priceline.com: The Best Deals on Hotels, Flights and Rental Cars -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Priceline.comTheBestDealso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-04-11] (Priceline Partner Network)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-04-11] (Random Salad Games LLC)
Smartfriend by HP Care -> C:\Program Files\WindowsApps\AD2F1837.SmartfriendbyHPCare_1.1.13.0_x64__v10z8vjag6ke6 [2022-04-11] (HP Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0 [2022-05-15] (Spotify AB) [Startup Task]
VUDU Movies and TV -> C:\Program Files\WindowsApps\95FE1D22.VUDUMoviesandTV_3.0.1.0_neutral__0wkekwh8d6p78 [2022-04-11] (VUDU Inc.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2022-04-11] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\Charter Security Suite\FsShellExtension64.dll [2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>-> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5a1ab3b0567b3cdb\igfxDTCM.dll [2020-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-16] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-05-12 17:48 - 2022-05-12 17:48 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\b902286e090f4dd45044cb6e15c71ff6\BRIDGECommon.ni.dll
2022-05-12 17:49 - 2022-05-12 17:49 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\1719de6d78aff784defee226310e763e\BridgeExtension.ni.dll
2022-05-12 17:49 - 2022-05-12 17:49 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\b7febff1589b398211046b1f9edffc99\CleanStartController.ni.dll
2022-05-12 17:49 - 2022-05-12 17:49 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\69e4e4a4d7e105cc7df5fc204a9ce096\RegistrationUtilities.ni.dll
2022-05-12 17:49 - 2022-05-12 17:49 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\172b77b8e13fb0f61f5c5630bed4aebc\CommonPortable.ni.dll
2022-05-12 17:48 - 2022-05-12 17:48 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\f160bfbb9b76f5c5c3b8fcb44cbfab13\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\Ultralight\http\1650532648\browser\fs_ie_https\fs_ie_https64.dll [2022-04-21] (F-Secure Corporation -> F-Secure Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\Ultralight\http\1650532648\browser\fs_ie_https\fs_ie_https.dll [2022-04-21] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 08:46 - 2017-09-29 08:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3292964692-1604838336-1727243791-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{354FD8EB-0A00-4406-8B9D-1C7E61ABB19A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{93533D8C-0D98-4508-B2E6-10C908755CD2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{867C79FE-367A-4354-9C8A-68C544075885}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A13EE61B-9E60-4DD2-9EB1-41BB88B15A97}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4D49E2D-191C-4B59-9E1B-F4EB08E880DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{741D7AC6-6FC1-4A65-BB0A-8A8BF79F755B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48CB7F8B-FE28-43B7-8F6E-862914F3714B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DAF7188B-8F37-4B33-B3FF-CB15D9EF6A09}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9341D860-0444-4305-AA2A-ADA910025CDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B035ABC-3C51-45F6-92E7-33CDA1611824}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6F88A0E0-FA83-4677-82CA-ECC00B69F902}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E6987C7-6755-43F0-B49F-522A747224ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCCE6141-45D3-4138-8FE2-6CF7CF49577B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0817E4C0-81D6-4C22-A2DD-39363A5EE21E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC7D692E-CD3D-4FF0-A0C0-B00C48795A2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EE8F3D8-6BC0-4F81-ADAD-6E6CD9555EF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B33D3CA-CB76-40A0-B2A4-049C8D6843CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E49AFD49-5B71-4035-8332-FF17C7E6A571}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A40472E-4F56-4068-BB4E-997B437C7B98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.15128.20224.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0B0FF19-B52E-4E11-89DF-EC56FE35F86D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38FE7FD8-B5D1-4881-AB41-26ADAE1CD874}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1362D747-5B25-4DB5-BDC9-3308C6DA1A3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

30-04-2022 08:20:55 Windows Modules Installer
01-05-2022 08:21:19 Windows Modules Installer
08-05-2022 16:16:14 Scheduled Checkpoint
11-05-2022 02:51:25 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/11/2022 05:44:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-019UCIE.local already in use; will try DESKTOP-019UCIE-2.local instead

Error: (05/11/2022 05:44:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister4 DESKTOP-019UCIE.local. Addr 192.168.1.7

Error: (05/11/2022 05:44:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.7:5353 16 DESKTOP-019UCIE.local. AAAA 2600:6C58:0200:023C:0000:0000:0000:0005

Error: (05/10/2022 08:27:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on RECOVERY (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/10/2022 08:27:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Windows (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/04/2022 06:44:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-019UCIE.local already in use; will try DESKTOP-019UCIE-2.local instead

Error: (05/04/2022 06:44:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister4 DESKTOP-019UCIE.local. Addr 192.168.1.7

Error: (05/04/2022 06:44:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.7:5353 16 DESKTOP-019UCIE.local. AAAA 2600:6C58:0200:023C:293B:389B:8AAE:6A88


System errors:
=============
Error: (05/16/2022 08:41:19 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)

Error: (05/16/2022 08:41:19 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)

Error: (05/01/2022 10:38:30 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147943855"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

Error: (05/01/2022 10:38:30 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (05/01/2022 10:32:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/01/2022 10:32:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Account Sign-in Assistant service to connect.

Error: (05/01/2022 10:01:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (05/01/2022 08:41:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.


CodeIntegrity:
===============
Date: 2022-05-16 20:35:58
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1651147404\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: AMI F.24 01/23/2018
Motherboard: HP 82F2
Processor: Intel® Pentium® CPU G4560T @ 2.90GHz
Percentage of memory in use: 91%
Total physical RAM: 3984.34 MB
Available physical RAM: 342.95 MB
Total Virtual: 5904.34 MB
Available Virtual: 827.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.9 GB) (Free:866.58 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.37 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{60c60de7-dd58-43a2-a3e0-7d2998ea9535}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.47 GB) NTFS
\\?\Volume{2f1cde20-afaa-4ae5-a2f1-e74035085d4e}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 747ADBD5)

Partition: GPT.

==================== End of Addition.txt =======================


Edited by trig, 16 May 2022 - 09:06 PM.

Popular Articles
Navigation Lists