Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-04-2023
Ran by fredp (administrator) on DESKTOP-HKKIPON (Alienware Alienware m17 R5 AMD) (06-04-2023 19:26:10)
Running from C:\Users\fredp\OneDrive\Desktop
Loaded Profiles: fredp
Platform: Microsoft Windows 11 Home Version 22H2 22621.1485 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe ->) (EXPRSVPN LLC -> The OpenVPN Project) C:\Program Files (x86)\ExpressVPN\services\openvpn.exe
(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\OCControlService\OCControl.Service.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\Settings\PowerToys.Settings.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe <6>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\u0383439.inf_amd64_373282d24608ea94\B383240\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383439.inf_amd64_373282d24608ea94\B383240\atieclxx.exe
(explorer.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\fredp\AppData\Local\Google\Chrome\Application\chrome.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383439.inf_amd64_373282d24608ea94\B383240\atiesrxx.exe
(services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_06dbba3b0824e6c2\IgoAudioService_x64.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_50940ba92eaca245\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe <3>
(sihost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> ) C:\Program Files\WindowsApps\dellinc.alienwareonscreendisplay_1.10.2.0_x86__htrsf667h5kn2\Win32\AlienwareOn-ScreenDisplay.exe
(svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_06dbba3b0824e6c2\iGoSwServer.exe <2>
(svchost.exe ->) (Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.sechealthui_1000.25305.1000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.xboxgamingoverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.xboxgamingoverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.yourphone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2302.21002-0\SecurityHealthHost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe [1596792 2022-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381288 2023-03-20] (EXPRSVPN LLC -> ExpressVPN)
HKLM-x32\...\Run: [I19E] => C:\WINDOWS\twain_32\Brimi19e\Common\TwDsUiLaunch.exe [85944 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3671040 2023-01-09] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\Run: [MicrosoftEdgeAutoLaunch_84F953FEB4B40174043D59B459EAF93F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\Run: [Google Update] => C:\Users\fredp\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2023-03-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\Run: [ExpressVPN] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [854376 2023-03-20] (EXPRSVPN LLC -> ExpressVPN)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0868C196-60E4-4327-99B0-94F17E7E4059} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_fredp => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [6103432 2022-03-14] (Janos Mathe -> H.D.S. Hungary)
Task: {0C5705A0-3D7E-4151-8E76-F64D2EF215D0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {17AB446C-7644-4CCD-BEC6-C87F86C53404} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FE90F10-4DC8-4225-A8F3-EB904D5A93FF} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {400A01BF-E908-4393-BD39-31E386377BDA} /quiet /qn
Task: {1FE90F10-4DC8-4225-A8F3-EB904D5A93FF} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {2729F51C-003C-4E67-9BFF-9050524C73BC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {27919CDE-0CD8-4096-8383-5412D45AB6E4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B0FF6B3-19E5-4C97-AA6D-A969648F6816} - System32\Tasks\PowerToys\Autorun for fredp => C:\Program Files\PowerToys\PowerToys.exe [1103296 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {43DF4E4F-4607-40A2-8D6C-5D404EACEBFB} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3247745194-3029165324-3130719624-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
Task: {48752BE8-3146-4F12-9E3F-439D6B158167} - System32\Tasks\iGoAudioTask => C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_06dbba3b0824e6c2\iGoSwServer.exe [371296 2022-09-27] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {4B4D9B4C-F6C4-4AF0-8C54-50DB2961B2E5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5CA579F3-8DD3-4AF3-8EF0-18D4AB068ED7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5DBCECCB-AFDE-4285-9340-BB6D6C0B68A8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2023-01-31] (Dell Inc -> Dell Inc.)
Task: {6476CF37-014F-4796-80A8-A6AF70344867} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3247745194-3029165324-3130719624-1001UA{5C13E383-669F-4A21-882B-FCE035D77A95} => C:\Users\fredp\AppData\Local\Google\Update\GoogleUpdate.exe [171480 2023-03-30] (Google LLC -> Google LLC)
Task: {65A25EC7-DFFC-4651-9FA0-24B3333F6276} - System32\Tasks\iGoAudioTaskSession => C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_06dbba3b0824e6c2\iGoSwServer.exe [371296 2022-09-27] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {79B73759-E18B-4E3C-BC46-5C0A6719778A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {800E6E64-B951-4AF2-981C-1E683ACFCB9E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8C7561CD-2AB8-4FC9-99D3-FEB67631CA92} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90187184-4F9C-47F3-935D-6F120623EA30} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3247745194-3029165324-3130719624-1001Core{87E8B378-C78F-418C-B98F-6454B91A9922} => C:\Users\fredp\AppData\Local\Google\Update\GoogleUpdate.exe [171480 2023-03-30] (Google LLC -> Google LLC)
Task: {93F40677-88F4-4D49-8BCE-D536316889E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3CF2F5D-24BF-428D-A634-4DC5F5CF6EC0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B412C791-183E-4F21-88D8-02A039A30141} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE571543-1CFD-4C34-811E-22C3B81D4A82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3C31023-B4E7-435A-86F5-D661E6FF8592} - System32\Tasks\AWCC\Update => C:\Program Files (x86)\InstallShield Installation Information\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}\Update\IMSilentUpdate.exe [19888 2023-02-06] (Dell Inc -> )
Task: {D17368D8-8FCC-4D46-9DCD-B0DB96FF977F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D88DD38D-82D3-4A0D-B59D-FBDE0C0E89C0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E4548A1B-0351-4B5A-AF67-620D83C97EE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.131.0.1
Tcpip\..\Interfaces\{1c6e5fee-2fa5-4be9-86f0-17fff26595be}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{215f2c17-614a-4fc6-80f0-54b3556e6a28}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{6bdb5fe4-356c-49dd-a681-34ee3faa2bc2}: [NameServer] 100.64.100.1
Tcpip\..\Interfaces\{9f890a1d-c7d1-4c16-8d2d-c330cd7f5500}: [DhcpNameServer] 10.131.0.1
Edge:
=======
Edge Profile: C:\Users\fredp\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-06]
Edge Extension: (Edge relevant text changes) - C:\Users\fredp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-06]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\fredp\AppData\Local\Google\Chrome\User Data\Default [2023-04-06]
CHR Extension: (Google Docs Offline) - C:\Users\fredp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fredp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-31]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Alienware Digital Delivery Services; C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-11-07] (Dell Inc -> )
R2 Alienware SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2022-10-26] (Dell Inc -> Dell INC.)
R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [20912 2023-02-22] (Dell Inc -> Dell Technologies)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [372736 2023-01-04] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-11-08] (Dell Inc -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-16] (Dell Inc -> Dell)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe [2299944 2022-08-17] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [437096 2023-03-20] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [437096 2023-03-20] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [437096 2023-03-20] (EXPRSVPN LLC -> ExpressVPN)
R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [26792 2023-02-13] (Dell Inc -> Dell Inc.)
R2 IgoAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_06dbba3b0824e6c2\IgoAudioService_x64.exe [35000 2022-09-27] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\\AS\\IAS\\IntelAudioService.exe [532024 ] (Intel Corporation -> Intel)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-01-31] (Dell Inc -> Dell Inc.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_50940ba92eaca245\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_50940ba92eaca245\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_3f818c4efacb8c98\amdacpafd.sys [412624 2022-08-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [105416 2021-12-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Program Files\Alienware\AMDRyzenMasterDriver\bin\AMDRyzenMasterDriver.sys [43336 2022-12-14] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383439.inf_amd64_373282d24608ea94\B383240\amdkmdag.sys [94462328 2022-09-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amdwirelessbutton; C:\WINDOWS\System32\drivers\amdwirelessbutton.sys [41712 2021-12-22] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42448 2023-01-19] (IndiLogic LLC -> Dell Inc.)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [47472 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [42456 2021-09-29] (Dell Inc -> OSR Open Systems Resources, Inc.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2023-03-20] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [56552 2023-03-20] (Express VPN International Ltd. -> ExpressVPN)
S3 IntcSdwBus; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdwbus.inf_amd64_4f92127e9a9f0760\IntcSdwBus.sys [509992 2022-06-02] (Intel Corporation -> Intel(R) Corporation)
S3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87208 2021-09-17] (Intel Corporation -> Intel Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [381360 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1656696 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [231496 2022-05-30] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_89da3c8218c64ec3\rt25cx21x64.sys [652264 2022-05-20] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2023-03-20] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49608 2023-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495896 2023-03-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-30] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-04-06 18:42 - 2023-04-06 18:42 - 004245976
_ (Irfan Skiljan) C:\Users\fredp\Downloads\iview462_x64_setup.exe
2023-04-06 18:42 - 2023-04-06 18:42 - 000000000 ____D C:\Users\fredp\AppData\Roaming\IrfanView
2023-04-06 18:42 - 2023-04-06 18:42 - 000000000 ____D C:\Program Files\IrfanView
2023-04-06 18:40 - 2023-04-06 18:40 - 000000000 ____D C:\Users\fredp\AppData\Local\ElevatedDiagnostics
2023-04-06 10:01 - 2023-04-06 10:01 - 000001063
_ C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2023-04-06 09:59 - 2023-04-06 09:59 - 095927184
_ C:\Users\fredp\Downloads\torbrowser-install-win64-12.0.4_ALL.exe
2023-04-06 05:19 - 2023-04-06 18:59 - 000000000 ____D C:\Users\fredp\AppData\Local\CrashDumps
2023-04-05 23:48 - 2023-04-05 23:53 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2023-04-05 23:48 - 2023-04-05 23:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\HardDiskSentinel
2023-04-05 23:48 - 2023-04-05 23:48 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Hard Disk Sentinel
2023-04-05 23:48 - 2023-04-05 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2023-04-05 22:51 - 2023-04-05 22:51 - 000000000 ____D C:\Users\Default\AppData\Local\Dell
2023-04-05 22:51 - 2023-04-05 22:51 - 000000000 ____D C:\ProgramData\Alienware Command Center
2023-04-05 22:32 - 2023-04-05 22:32 - 000000000 ____D C:\WINDOWS\Minidump
2023-04-05 22:30 - 2023-04-05 22:31 - 000000000 ____D C:\AdwCleaner
2023-04-05 22:03 - 2023-04-06 19:26 - 000000000 ____D C:\FRST
2023-04-03 23:24 - 2023-04-03 23:24 - 000000000
_ C:\WINDOWS\invcol.tmp
2023-04-01 23:46 - 2023-04-01 23:56 - 000003280
_ C:\WINDOWS\system32\Tasks\Optimize Push Notification Data File-S-1-5-21-3247745194-3029165324-3130719624-1001
2023-03-31 10:55 - 2023-04-06 18:36 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2023-03-31 10:55 - 2023-03-31 10:55 - 000003642
_ C:\WINDOWS\system32\Tasks\PowerENGAGE
2023-03-31 10:55 - 2023-03-31 10:55 - 000000000 ____D C:\Users\fredp\AppData\Roaming\PowerENGAGE
2023-03-31 10:55 - 2023-03-31 10:55 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Brother
2023-03-31 10:55 - 2023-03-31 10:55 - 000000000 ____D C:\Users\fredp\AppData\Local\Brother
2023-03-31 10:53 - 2023-03-31 10:56 - 000000000 ____D C:\Program Files (x86)\Browny02
2023-03-31 10:53 - 2023-03-31 10:53 - 000002127
_ C:\Users\Public\Desktop\Brother Creative Center.lnk
2023-03-31 10:53 - 2023-03-31 10:53 - 000001692
_ C:\Users\Public\Desktop\Brother Utilities.lnk
2023-03-31 10:53 - 2023-03-31 10:53 - 000000964
_ C:\Users\Public\Desktop\Brother iPrint&Scan.lnk
2023-03-31 10:53 - 2023-03-31 10:53 - 000000000 ____D C:\ProgramData\PCFaxTx
2023-03-31 10:53 - 2023-03-31 10:53 - 000000000 ____D C:\ProgramData\PCFaxRx
2023-03-31 10:53 - 2023-03-31 10:53 - 000000000 ____D C:\Program Files (x86)\PC-FAXReceive
2023-03-31 10:53 - 2019-10-29 12:52 - 000318464
_ ( ) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll
2023-03-31 10:53 - 2019-10-29 12:52 - 000000000
_ C:\WINDOWS\Brpfx04a.ini
2023-03-31 10:52 - 2019-09-26 16:19 - 000121344
_ () C:\WINDOWS\system32\BrNetSti.dll
2023-03-31 10:52 - 2019-07-12 15:45 - 000670208
_ C:\WINDOWS\system32\NSSRH64.dll
2023-03-31 10:52 - 2019-07-12 15:45 - 000072192
_ () C:\WINDOWS\system32\BrWiaNCp.dll
2023-03-31 10:52 - 2019-07-12 15:45 - 000065024
_ () C:\WINDOWS\system32\Brnsplg.dll
2023-03-31 10:43 - 2023-03-31 10:53 - 000000000 ____D C:\Program Files (x86)\Brother
2023-03-31 10:38 - 2023-03-31 10:42 - 277743840
_ (SOURCENEXT CORPORATION) C:\Users\fredp\Downloads\Y20C_C2_UWC_PP-usa-inst-B2.EXE
2023-03-31 10:36 - 2023-03-31 10:47 - 000000000 ____D C:\ProgramData\Brother
2023-03-31 10:34 - 2023-03-31 10:35 - 000000000 ____D C:\Users\fredp\Downloads\EasySetup_2_0_16_1
2023-03-31 10:18 - 2023-03-31 10:19 - 073119328
_ (SOURCENEXT CORPORATION) C:\Users\fredp\Downloads\EasySetup_2_0_16_1.EXE
2023-03-31 01:28 - 2023-03-31 01:28 - 000000000 ___HD C:\$WinREAgent
2023-03-31 00:55 - 2023-04-06 18:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2023-03-31 00:55 - 2023-03-31 00:55 - 000000000 ____D C:\Program Files\PowerToys
2023-03-31 00:50 - 2023-03-31 00:50 - 000000000 ____D C:\Users\fredp\AppData\Local\OneDrive
2023-03-31 00:45 - 2023-03-31 00:50 - 000000000 ____D C:\Users\fredp\AppData\Local\ExpressVPN
2023-03-31 00:45 - 2023-03-31 00:45 - 000002174
_ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2023-03-31 00:45 - 2023-03-31 00:45 - 000002162
_ C:\Users\Public\Desktop\ExpressVPN.lnk
2023-03-31 00:45 - 2023-03-31 00:45 - 000000000 ____D C:\Users\fredp\OneDrive\Documents\OneNote Notebooks
2023-03-31 00:45 - 2023-03-31 00:45 - 000000000 ____D C:\Users\fredp\AppData\Local\ToastNotificationManagerCompat
2023-03-31 00:45 - 2023-03-31 00:45 - 000000000 ____D C:\ProgramData\ExpressVPN
2023-03-31 00:45 - 2023-03-31 00:45 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2023-03-31 00:45 - 2023-01-26 16:31 - 000000173 ____R C:\Users\fredp\OneDrive\Documents\Fred's Notebook.url
2023-03-31 00:34 - 2023-03-31 00:34 - 000000000 ____D C:\Program Files (x86)\DummyDir
2023-03-31 00:28 - 2023-04-01 23:46 - 000001623
_ C:\WINDOWS\system32\config\VSMIDK
2023-03-31 00:26 - 2023-04-06 02:15 - 000000000 ____D C:\ProgramData\LogMeIn
2023-03-31 00:26 - 2023-03-31 00:26 - 000000000 ____D C:\Users\fredp\AppData\Local\LogMeIn
2023-03-31 00:23 - 2023-04-06 07:34 - 000000000 ____D C:\Program Files (x86)\LogMeIn Ignition
2023-03-31 00:23 - 2023-04-06 02:15 - 000000000 ____D C:\Users\fredp\AppData\Local\LogMeInIgnition
2023-03-31 00:23 - 2023-03-31 00:23 - 000002023
_ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2023-03-31 00:23 - 2023-03-31 00:23 - 000000000 ____D C:\Users\fredp\AppData\Roaming\LogMeInIgnition
2023-03-31 00:22 - 2023-03-31 00:22 - 010297344
_ C:\Users\fredp\Downloads\LogMeInIgnition.msi
2023-03-31 00:16 - 2023-03-31 00:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-03-31 00:16 - 2023-03-30 23:24 - 000002440
_ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-31 00:16 - 2023-03-30 23:24 - 000000000 ____D C:\WINDOWS\Panther
2023-03-31 00:16 - 2023-03-30 23:24 - 000000000 ____D C:\Windows.old
2023-03-31 00:12 - 2023-03-31 00:12 - 000000000 ____D C:\WINDOWS\Firmware
2023-03-31 00:11 - 2023-03-31 00:11 - 000008192
_ C:\WINDOWS\system32\config\userdiff
2023-03-31 00:06 - 2023-04-05 03:11 - 000002504
_ C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-31 00:06 - 2023-03-31 00:06 - 000003760
_ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3247745194-3029165324-3130719624-1001UA{5C13E383-669F-4A21-882B-FCE035D77A95}
2023-03-31 00:06 - 2023-03-31 00:06 - 000003492
_ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3247745194-3029165324-3130719624-1001Core{87E8B378-C78F-418C-B98F-6454B91A9922}
2023-03-31 00:03 - 2023-03-30 23:22 - 000000000 ___HD C:\$SysReset
2023-03-30 23:56 - 2023-03-30 23:56 - 000000000 ____D C:\Users\fredp\AppData\Local\Comms
2023-03-30 23:52 - 2023-03-31 00:07 - 000000000 ____D C:\Users\fredp\AppData\Local\Google
2023-03-30 23:52 - 2023-03-30 23:52 - 001427176
_ (Google LLC) C:\Users\fredp\Downloads\ChromeSetup.exe
2023-03-30 23:45 - 2023-04-06 10:45 - 000000000 ____D C:\Users\fredp\AppData\LocalLow\Mozilla
2023-03-30 23:45 - 2023-04-06 10:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-30 23:41 - 2023-03-30 23:41 - 000000000 ____D C:\Users\fredp\AppData\Local\Publishers
2023-03-30 23:33 - 2023-03-30 23:33 - 000000000 ____D C:\Users\fredp\AppData\Local\Dell
2023-03-30 23:30 - 2023-04-05 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-30 23:27 - 2023-03-30 23:27 - 000000000 ____D C:\Users\fredp\AppData\Local\CEF
2023-03-30 23:26 - 2023-04-06 18:36 - 000000000 ____D C:\Users\fredp\AppData\Local\PlaceholderTileLogoFolder
2023-03-30 23:26 - 2023-04-05 21:22 - 000003592
_ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3247745194-3029165324-3130719624-1001
2023-03-30 23:26 - 2023-04-05 21:22 - 000003380
_ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3247745194-3029165324-3130719624-1001
2023-03-30 23:26 - 2023-04-05 21:22 - 000002385
_ C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-30 23:26 - 2023-03-30 23:26 - 000000000 ____D C:\Users\fredp\AppData\Local\NVIDIA
2023-03-30 23:26 - 2023-03-30 23:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-03-30 23:25 - 2023-04-06 01:05 - 000804932
_ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-30 23:25 - 2023-03-30 23:25 - 000000000 ____D C:\Users\fredp\AppData\Local\Downloaded Installations
2023-03-30 23:24 - 2023-04-06 18:38 - 000000000 ____D C:\Users\fredp\AppData\Local\D3DSCache
2023-03-30 23:24 - 2023-04-06 18:36 - 000000000 ____D C:\Users\fredp\AppData\Local\Packages
2023-03-30 23:24 - 2023-03-31 00:45 - 000000000 ____D C:\Users\fredp\AppData\Local\ConnectedDevicesPlatform
2023-03-30 23:24 - 2023-03-31 00:26 - 000000000 ____D C:\Users\fredp\AppData\Local\AMD
2023-03-30 23:24 - 2023-03-30 23:27 - 000000000 ____D C:\Users\fredp\AppData\Local\NVIDIA Corporation
2023-03-30 23:24 - 2023-03-30 23:24 - 000000020 ___SH C:\Users\fredp\ntuser.ini
2023-03-30 23:24 - 2023-03-30 23:24 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Adobe
2023-03-30 23:24 - 2023-03-30 23:24 - 000000000 ____D C:\Users\fredp\AppData\Local\VirtualStore
2023-03-30 23:22 - 2023-04-06 01:01 - 000003310
_ C:\WINDOWS\system32\Tasks\iGoAudioTask
2023-03-30 23:22 - 2023-04-06 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-30 23:22 - 2023-04-05 22:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AWCC
2023-03-30 23:22 - 2023-04-04 21:27 - 000003536
_ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-30 23:22 - 2023-04-04 21:27 - 000003412
_ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-30 23:22 - 2023-03-31 00:28 - 000003368
_ C:\WINDOWS\system32\Tasks\iGoAudioTaskSession
2023-03-30 23:22 - 2023-03-30 23:31 - 000003952
_ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2023-03-30 23:22 - 2023-03-30 23:22 - 000003398
_ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000003152
_ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000002948
_ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000002948
_ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000002948
_ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000002948
_ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:22 - 2023-03-30 23:22 - 000002914
_ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-30 23:21 - 2023-04-05 22:40 - 000000000 ____D C:\Users\fredp
2023-03-30 23:18 - 2023-04-06 18:36 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-30 23:18 - 2023-04-01 20:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-30 23:18 - 2023-03-30 23:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-03-30 23:18 - 2023-03-30 23:18 - 000000000 ____D C:\ProgramData\Dolby
2023-03-30 23:17 - 2023-04-06 00:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-30 23:17 - 2023-03-31 01:34 - 000471320
_ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-30 23:17 - 2023-03-30 23:20 - 000000000 ____D C:\WINDOWS\system32\AMD
2023-03-30 23:17 - 2023-03-30 23:17 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-03-30 23:17 - 2023-03-30 23:17 - 000000000 ____D C:\Program Files\AMD
2023-03-30 21:59 - 2023-03-30 21:59 - 039691408
_ (Dell Inc.) C:\Users\fredp\Downloads\MediaTek-MT7921-MT7922-Wi-Fi-UWD-Driver_89KDF_WIN_3.3.3.760_A11_01.EXE
2023-03-30 21:59 - 2023-03-30 21:59 - 039691408
_ (Dell Inc.) C:\Users\fredp\Downloads\MediaTek-MT7921-MT7922-Wi-Fi-UWD-Driver_89KDF_WIN_3.3.3.760_A11_01 (1).EXE
2023-03-30 21:56 - 2023-03-30 21:56 - 000702816
_ (Dell Inc.) C:\Users\fredp\Downloads\SupportAssistLauncher.exe
2023-03-28 22:16 - 2023-03-28 22:16 - 048184842
_ (SomePythonThings ) C:\Users\fredp\Downloads\ElevenClock.Installer.exe
2023-03-28 21:25 - 2023-03-28 21:25 - 000000000 ____D C:\Users\fredp\OneDrive\Documents\PowerToys
2023-03-28 21:24 - 2023-03-31 00:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2023-03-28 18:44 - 2023-03-28 18:44 - 000001038
_ C:\Users\fredp\Downloads\Export-23032901423089219967a149bfe3.zip
2023-03-27 03:38 - 2023-03-27 03:39 - 000016658
_ C:\Users\fredp\OneDrive\Documents\cc_20230327_033852.reg
2023-03-27 02:25 - 2023-03-27 02:25 - 000000452
_ C:\Users\fredp\OneDrive\Documents\cc_20230327_022503.reg
2023-03-27 02:24 - 2023-03-27 02:24 - 000083484
_ C:\Users\fredp\OneDrive\Documents\cc_20230327_022420.reg
2023-03-27 02:24 - 2023-03-27 02:24 - 000006088
_ C:\Users\fredp\OneDrive\Documents\cc_20230327_022443.reg
2023-03-27 01:44 - 2023-03-31 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-03-27 01:44 - 2023-03-27 01:44 - 000000980
_ C:\Users\fredp\Downloads\Documents - Shortcut.lnk
2023-03-27 01:43 - 2023-03-27 01:43 - 054286968
_ (Piriform Software Ltd) C:\Users\fredp\Downloads\ccsetup610.exe
2023-03-27 00:29 - 2023-03-27 00:29 - 000000000 ___DL C:\E
2023-03-27 00:14 - 2023-03-27 00:14 - 000000000 ___RD C:\Users\fredp\OneDrive\Documents\DellInc.DellSupportAssistforPCs_htrsf667h5kn2!App
2023-03-24 15:14 - 2023-03-24 15:14 - 000000000 ___RD C:\Users\fredp\OneDrive\Documents\Microsoft.DiagnosticDataViewer_8wekyb3d8bbwe!App
2023-03-24 03:26 - 2023-03-24 03:26 - 000000000 ____D C:\Users\fredp\OneDrive\Documents\Custom Office Templates
2023-03-24 02:18 - 2023-03-24 02:18 - 000000000 ____H C:\Users\fredp\OneDrive\Documents\Default.rdp
2023-03-22 03:19 - 2023-03-22 03:19 - 062664616
_ (ExpressVPN) C:\Users\fredp\Downloads\expressvpn_windows_12.46.0.42_release.exe
2023-03-20 23:17 - 2023-03-31 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2023-03-20 16:45 - 2023-03-20 16:45 - 000061496
_ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapexpressvpn.sys
2023-03-20 16:45 - 2023-03-20 16:45 - 000056552
_ (ExpressVPN) C:\WINDOWS\system32\Drivers\expressvpn-tun.sys
2023-03-20 07:16 - 2023-03-20 07:16 - 000391315
_ C:\Users\fredp\Downloads\3509-230318-Opp Ex Parte Final.pdf
2023-03-20 06:11 - 2023-03-20 06:11 - 000347441
_ C:\Users\fredp\Downloads\LTR ISR 4533-7120 draft (Natha)(18414727.1).pdf
2023-03-19 23:42 - 2023-03-19 23:42 - 000174843
_ C:\Users\fredp\Downloads\3509-230317-Ex Parte App to Cont Trial and Prop Ord-Amirtalesh.pdf
2023-03-12 19:36 - 2023-03-12 19:36 - 002580896
_ (Malwarebytes) C:\Users\fredp\Downloads\MBSetup.exe
2023-03-09 02:15 - 2023-03-09 02:15 - 000000000 __SHD C:\Do_Not_Delete
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-04-06 19:21 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-06 19:11 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-06 18:52 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-06 18:42 - 2023-02-13 00:23 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2023-04-06 18:36 - 2022-05-06 22:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-06 01:18 - 2023-01-19 10:26 - 000000000 ____D C:\Program Files (x86)\Alienware Digital Delivery Services
2023-04-06 01:05 - 2022-05-06 22:22 - 000000000 ____D C:\WINDOWS\INF
2023-04-06 01:01 - 2023-01-26 16:29 - 000000000 __RHD C:\Users\fredp\OneDrive
2023-04-06 01:01 - 2023-01-19 10:15 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-06 01:00 - 2022-05-06 22:17 - 000524288
_ C:\WINDOWS\system32\config\BBI
2023-04-05 23:24 - 2023-01-19 10:26 - 000000000 ____D C:\ProgramData\Packages
2023-04-05 22:52 - 2023-01-19 10:23 - 000000000 ____D C:\Program Files\Alienware
2023-04-05 22:52 - 2023-01-19 10:18 - 000000000 ____D C:\ProgramData\Package Cache
2023-04-05 22:51 - 2023-01-19 10:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-05 22:51 - 2023-01-19 10:18 - 000000000 ____D C:\Program Files (x86)\Dell
2023-04-05 22:39 - 2023-01-19 10:26 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-05 22:32 - 2023-01-19 09:59 - 002552063 ____N C:\WINDOWS\Minidump\040523-16296-01.dmp
2023-04-05 02:43 - 2022-05-24 21:28 - 000000000 ____D C:\dell
2023-04-03 23:24 - 2023-01-19 10:18 - 000000000 ____D C:\ProgramData\Dell
2023-04-03 01:22 - 2023-01-19 10:18 - 000000000 ____D C:\Program Files\Dell
2023-04-01 18:35 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-31 10:27 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\UUS
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-31 01:33 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-31 00:16 - 2023-01-26 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-31 00:16 - 2022-05-06 22:28 - 000000000 ____D C:\WINDOWS\Setup
2023-03-31 00:16 - 2022-05-06 22:24 - 000028672
_ C:\WINDOWS\system32\config\BCD-Template
2023-03-31 00:16 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-03-31 00:15 - 2022-05-06 22:25 - 000209920
_ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-03-31 00:15 - 2022-05-06 22:24 - 000249856
_ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\Globalization
2023-03-31 00:15 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-30 23:40 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-03-30 23:40 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\servicing
2023-03-30 23:32 - 2023-01-19 10:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-30 23:32 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-03-30 23:32 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-03-30 23:30 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-03-30 23:24 - 2023-01-19 10:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-30 23:24 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-03-30 23:24 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-03-30 23:22 - 2023-02-23 14:12 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-03-30 23:22 - 2023-01-26 22:11 - 000000000 ____D C:\Users\fredp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-30 23:22 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-03-30 23:22 - 2022-05-06 22:17 - 000032768
_ C:\WINDOWS\system32\config\ELAM
2023-03-30 23:20 - 2023-01-19 10:28 - 000000000 ____D C:\WINDOWS\{427AB09C-B3AD-4EB7-9D73-6D584684FE91}
2023-03-30 23:20 - 2023-01-19 10:28 - 000000000 ____D C:\Program Files (x86)\Alienware Update
2023-03-30 23:20 - 2023-01-19 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-03-30 23:20 - 2023-01-19 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-03-30 23:20 - 2023-01-19 10:26 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-03-30 23:20 - 2023-01-19 10:25 - 000000000 ____D C:\WINDOWS\nvmup
2023-03-30 23:20 - 2023-01-19 10:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-30 23:20 - 2023-01-19 10:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-30 23:20 - 2023-01-19 10:24 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-03-30 23:20 - 2023-01-19 10:23 - 000000000 ____D C:\ProgramData\Alienware
2023-03-30 23:20 - 2023-01-19 10:10 - 000000000 ____D C:\WINDOWS\scratch
2023-03-30 23:20 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-03-30 23:19 - 2023-01-19 10:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-03-30 23:19 - 2023-01-19 10:18 - 000000000 ____D C:\Program Files\dotnet
2023-03-30 23:19 - 2023-01-19 10:14 - 000000000 ____D C:\backup
2023-03-30 23:19 - 2023-01-19 10:01 - 000000000 ____D C:\MFG
2023-03-30 23:19 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-03-30 23:19 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-03-30 23:17 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ServiceState
==================== Files in the root of some directories ========
2023-01-19 10:26 - 2021-05-14 04:42 - 000000235
_ () C:\ProgramData\LaunchOSDonce.vbs
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ===================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-04-2023
Ran by fredp (06-04-2023 19:27:00)
Running from C:\Users\fredp\OneDrive\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1485 (X64) (2023-03-31 06:24:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3247745194-3029165324-3130719624-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3247745194-3029165324-3130719624-503 - Limited - Disabled)
fredp (S-1-5-21-3247745194-3029165324-3130719624-1001 - Administrator - Enabled) => C:\Users\fredp
Guest (S-1-5-21-3247745194-3029165324-3130719624-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3247745194-3029165324-3130719624-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Alienware CC Components for AWCC (1.1.37.0) (HKLM\...\Alienware CC Components for AWCC) (Version: 1.1.37.0 - Dell Inc) Hidden
Alienware Command Center Package Manager (HKLM-x32\...\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}) (Version: 5.5.43.0 - Dell Inc.)
Alienware Command Center Suite (HKLM\...\{68089185-71B6-4DB5-8BD9-0F21D19BD744}) (Version: 5.5.43.0 - Dell Inc.) Hidden
Alienware Command Center Suite (HKLM-x32\...\InstallShield_{68089185-71B6-4DB5-8BD9-0F21D19BD744}) (Version: 5.5.43.0 - Dell Inc.) Hidden
Alienware Digital Delivery Services (HKLM-x32\...\{CF95CED4-3A1E-4486-B7FA-428C25D617ED}) (Version: 5.0.64.0 - Dell Inc.)
Alienware FX Display Smart Installer (2.2.11.0) (HKLM\...\AWFXDisp_SmartInstaller) (Version: 2.2.11.0 - Dell Inc) Hidden
Alienware FX Display001 Smart Installer (2.4.1.205) (HKLM\...\{ACFDF14D-FCE6-4D6E-AD2B-BEFAF66FDAF4}_is1) (Version: 2.4.1.205 - Dell Inc.) Hidden
Alienware OC Controls (HKLM-x32\...\{24b87c1a-6ce2-4d88-ba35-c17b38acba62}) (Version: 1.4.26.1430 - Dell Inc) Hidden
Alienware OCControls Service Installer (HKLM\...\{0E2007DF-D030-449E-892F-E09FF4F8ECAE}) (Version: 1.4.26.1430 - DELL Inc) Hidden
Alienware SupportAssist OS Recovery Plugin for Alienware Update (HKLM\...\{7DFEC04C-4CBC-4013-AAA2-A1E7B1CD135B}) (Version: 5.5.5.16208 - Dell Inc.) Hidden
Alienware SupportAssist OS Recovery Plugin for Alienware Update (HKLM-x32\...\{ab3f7261-beee-49b8-b31a-27dd1dfd122d}) (Version: 5.5.5.16208 - Dell Inc.)
Alienware SupportAssist Remediation (HKLM\...\{DEF2160E-12B6-477C-9D55-DF4B100E3E2B}) (Version: 5.5.5.16208 - Dell Inc.) Hidden
Alienware SupportAssist Remediation (HKLM-x32\...\{9dd30d6d-7999-4e32-9295-a2d7ece703ba}) (Version: 5.5.5.16208 - Dell Inc.)
Alienware Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
BrLauncher (HKLM-x32\...\{9D02508E-D7FF-4DC4-B423-B4C2AD42FAC5}) (Version: 2.0.27.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{3DEA56AB-0899-41DF-8C4F-0A608FD36904}) (Version: 10.5.0.74 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{d0c84829-3b3f-46d1-b292-e3fb77d972c2}) (Version: 10.5.0.74 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{F9496A68-777D-4B9F-A72B-34FCA4AB6D55}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{DC05CAEF-CDB0-4DAA-A8A1-5B72B4714FD3}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{2326DFD5-AF8C-46B0-B2BA-943999A62FB9}) (Version: 1.0.12.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{8B58D1A2-DFAD-4069-A0C0-7FD272B68BB3}) (Version: 1.0.30.0 - Brother Industries Ltd.) Hidden
Dell SupportAssist (HKLM\...\{82B84211-71FD-4AB7-87D1-68568646860F}) (Version: 3.13.2.14 - Dell Inc.)
ExpressVPN (HKLM-x32\...\{bbf35f5e-ff68-491e-be69-1772c80b4a8f}) (Version: 12.46.0.42 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B898AD785B}) (Version: 12.46.0.42 - ExpressVPN) Hidden
Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden
Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc)
Google Chrome (HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\Google Chrome) (Version: 111.0.5563.148 - Google LLC)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 6.01 - Janos Mathe)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{E2D35939-25BF-4EC8-BF6D-F9C0AF8ECC11}) (Version: 2.0.30.1 - Brother Industries Ltd.)
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
LogMeIn Client (HKLM-x32\...\{71B8933C-E625-4B0D-9A9D-343ED72F3BC2}) (Version: 1.3.5398 - LogMeIn, Inc.)
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16227.20258 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\OneDriveSetup.exe) (Version: 23.061.0319.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.16227.20258 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM\...\{C1CD2FC1-92E6-4DE2-89D8-6D309881856F}) (Version: 48.39.47171 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM-x32\...\{569b351b-451b-48db-a2c7-7beb63411666}) (Version: 6.0.9.31620 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{A195CE5F-17C2-4BC1-AFE1-665695F8FF2E}) (Version: 1.2.23.0 - Brother Industries, Ltd.) Hidden
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 512.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.80 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20332 - Microsoft Corporation) Hidden
PC-FAXReceive (HKLM-x32\...\{56D227E7-9A8E-4EFC-8401-1FFFF7DBA13B}) (Version: 1.8.421.0 - Brother Industries, Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{4A924D32-17F1-4EFC-B2D8-BBCF1BC6E26C}) (Version: 3.7.15.1 - Brother Industries Ltd.) Hidden
PowerENGAGE (HKLM-x32\...\{400A01BF-E908-4393-BD39-31E386377BDA}) (Version: 3.2.16 - Aviata, Inc.) Hidden
PowerToys (Preview) (HKLM\...\{7F0C3584-ED21-4282-9931-50D173C2CCE5}) (Version: 0.68.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{51efee50-0959-4cb6-8958-e1c1ba33fbdf}) (Version: 0.68.1 - Microsoft Corporation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9369.1 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{2CA4537C-19BA-47F5-88A6-7C9DB6BD37B4}) (Version: 1.35.1.0 - Brother Industries, Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Packages:
=========
Alienware Customer Connect -> C:\Program Files\WindowsApps\DellInc.AlienwareCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2023-03-30] (Dell Inc)
Alienware Digital Delivery -> C:\Program Files\WindowsApps\DellInc.AlienwareDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2023-04-01] (Dell Inc)
Alienware OnScreen Display -> C:\Program Files\WindowsApps\dellinc.alienwareonscreendisplay_1.10.2.0_x86__htrsf667h5kn2 [2023-03-30] (Dell Inc)
Alienware Update -> C:\Program Files\WindowsApps\DellInc.AlienwareUpdate_4.8.20.0_x86__htrsf667h5kn2 [2023-03-30] (Dell Inc)
All My LAN -> C:\Program Files\WindowsApps\13258Thoroughsoft.AllMyLAN_1.1.7.0_x64__set6qczgvnq5g [2023-04-05] (Thoroughsoft)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\dellinc.dellsupportassistforpcs_3.13.7.0_x64__htrsf667h5kn2 [2023-03-31] (Dell Inc)
Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2209.22941.0_x64__8wekyb3d8bbwe [2023-04-05] (Microsoft Corporation)
Direct Whois -> C:\Program Files\WindowsApps\KomodexSystems.DirectWhois_1.0.0.0_neutral__2164brwjfsjmg [2023-04-05] (Komodex Systems)
Dolby Access -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaccess_3.16.352.0_x64__rz1tebttyb220 [2023-03-30] (Dolby Laboratories)
Dolby Vision Extensions -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionAccess_2.2.244.0_x64__rz1tebttyb220 [2023-03-30] (Dolby Laboratories)
intelliGo Neptune -> C:\Program Files\WindowsApps\IntelligoTechnologyInc.intelliGoNeptune_1.0.112.0_x64__zzw691tb7va64 [2023-03-30] (Intelligo Technology Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-03-30] (Microsoft Corp.)
Mozilla Firefox -> C:\Program Files\WindowsApps\Mozilla.Firefox_111.0.1.0_x64__n80bbvh6b1yt2 [2023-03-30] (Mozilla)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.93.6831.0_x64__8wekyb3d8bbwe [2023-04-05] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-03-30] (Microsoft Corporation)
My Alienware -> C:\Program Files\WindowsApps\DellInc.MyAlienware_2.2.4.0_x64__htrsf667h5kn2 [2023-03-30] (Dell Inc)
Network Inspector -> C:\Program Files\WindowsApps\48425ShipwreckSoftware.NetworkInspector_2.3.24.0_x64__jh2negtepkzpr [2023-04-05] (Shipwreck Software) [MS Ad]
Network Usage -> C:\Program Files\WindowsApps\7340RobertDurfee.NetworkUsage_3.1.8.0_x64__ygerwv1yqg9j8 [2023-04-05] (Robert Durfee)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-30] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.6154.0_x64__8wekyb3d8bbwe [2023-03-30] (Microsoft Corporation) [Startup Task]
PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys\modules\ImageResizer [2023-03-31] (0)
PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\modules\PowerRename [2023-03-31] (0)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.279.0_x64__dt26b99r8h8gj [2023-03-30] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-30] (Microsoft Studios) [MS Ad]
Speech Pack - English (United States) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-US.1_1.0.8.0_x64__cw5n1h2txyewy [2023-04-06] (Microsoft Windows)
System Internals -> C:\Program Files\WindowsApps\58380Millionerd.55815960D4FD3_2.3.54.0_neutral__gvk782kz518e0 [2023-04-05] (Million)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2023-03-31] (Matt Hafner)
WiFi Manager -> C:\Program Files\WindowsApps\62283sudanec.WiFiManager_2.0.1.0_x64__jtya06md77q40 [2023-04-05] (sudanec)
WLAN-Monitor -> C:\Program Files\WindowsApps\42667Pinqinselektrostube.32892633D96D_1.1.0.0_x64__5d58qq83w4ter [2023-04-05] (Pinqinselektrostube)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\fredp\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{745fba2b-78ca-4eaf-6688-ba4f69a60391}\localserver32 -> C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe (Dell Inc -> Dell Technologies)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\fredp\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\fredp\AppData\Local\Google\Chrome\Application\111.0.5563.148\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\fredp\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3247745194-3029165324-3130719624-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_50940ba92eaca245\nvshext.dll [2022-06-14] (Nvidia Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264
_ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2022-11-10 18:46 - 2022-11-10 18:46 - 000543744
_ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2022-12-01 00:53 - 2022-12-01 00:53 - 001874432
_ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2022-12-01 00:53 - 2022-12-01 00:53 - 000020480
_ () [File not signed] C:\Program Files (x86)\Browny02\OfferingService.dll
2023-03-31 10:52 - 2019-09-26 16:19 - 000121344
_ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2022-11-07 12:53 - 2022-11-07 12:53 - 001548800
_ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Alienware Digital Delivery Services\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Software\Classes\.cmd: => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-06 22:24 - 2022-05-06 22:22 - 000000824
_ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg
DNS Servers: 10.131.0.1 - 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_84F953FEB4B40174043D59B459EAF93F"
HKU\S-1-5-21-3247745194-3029165324-3130719624-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{63D4E386-34DB-4A3E-9DF0-03A5EE4CBAD0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13E84BE4-9861-4460-9EC5-67E6113D149A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9709BA26-B5C2-4DE9-8DBC-6ED379A6FD23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{673870B4-62D9-463E-81A3-A5F8AA6F8B05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A9D2C093-3C80-405D-9B38-8C1B151083AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{16C2FC97-5C84-42E1-B2EF-5DBAE74A3508}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D8D9112E-EFD0-4291-89D2-1A5AEB58509C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C14C20BD-149E-4BB6-82FC-30126C69E45D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0BAC1BED-23F5-4956-AF04-C75C0ED4E7BB}C:\users\fredp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\fredp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{91509B0A-65AE-4F1D-8FB6-3D3AD8459109}C:\users\fredp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\fredp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{03A9AC68-F811-4447-8FC9-ED6EF6DB54D6}] => (Allow) LPort=54925
FirewallRules: [{655A344F-7915-488F-9EB0-2B3BFF541E0B}] => (Allow) LPort=54950
FirewallRules: [{4FD38828-B9B7-4954-AE09-0B6500EEB2A6}] => (Allow) LPort=54955
FirewallRules: [{38D1B3CB-7B07-45BA-BED4-FB87A62F3912}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{4A944CEC-A899-40AA-82E6-C46A3ED032F5}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{9BAC68D4-F2ED-4548-9AAB-4F6643DEECF3}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{4E655236-DED2-4A04-9857-2291216C1F14}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [TCP Query User{B0604404-BA95-4557-BB66-0612903F16A9}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [UDP Query User{91C6244B-3DDF-406D-B428-DAE208A7D660}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{7CB63A66-C35F-4D5B-8147-65C9E09501D6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{0BAF2920-A21F-4A30-8ED6-27233C91DCE1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:932.68 GB) (Free:610.12 GB) (65%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/06/2023 06:59:32 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-HKKIPON)
Description: Faulting application name: taskmgr.exe, version: 10.0.22621.1344, time stamp: 0xa925d5bc
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.22621.1485, time stamp: 0x821275c1
Exception code: 0xc000027b
Fault offset: 0x00000000005ad05b
Faulting process id: 0x0x4c88
Faulting application start time: 0x0x1d968f416723084
Faulting application path: C:\WINDOWS\system32\taskmgr.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: d6130cc0-c3ee-431b-9087-e9a12c5674a3
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2023 06:58:54 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-HKKIPON)
Description: Faulting application name: SearchHost.exe, version: 623.3900.50.0, time stamp: 0x64125ca9
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.22621.1485, time stamp: 0x821275c1
Exception code: 0xc0000409
Fault offset: 0x00000000001c6e45
Faulting process id: 0x0x3bb4
Faulting application start time: 0x0x1d968f481e53493
Faulting application path: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 4a359e27-2162-492b-8fb8-05001bcf5ba1
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2023 06:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program NetworkInspector.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (04/06/2023 08:22:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {2829e5bc-bb6b-40aa-96ef-8dd9f4c6339c}
Error: (04/06/2023 08:15:42 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {2829e5bc-bb6b-40aa-96ef-8dd9f4c6339c}
Error: (04/06/2023 07:38:25 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-HKKIPON)
Description: Faulting application name: Widgets.exe, version: 421.20070.1500.0, time stamp: 0x641e44e9
Faulting module name: Widgets.exe, version: 421.20070.1500.0, time stamp: 0x641e44e9
Exception code: 0xc0000409
Fault offset: 0x000000000014da07
Faulting process id: 0x0x2314
Faulting application start time: 0x0x1d9685e0074e035
Faulting application path: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Faulting module path: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Report Id: 19fe83d5-81fd-4721-b870-e353fec47011
Faulting package full name: MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy
Faulting package-relative application ID: Widgets
Error: (04/06/2023 05:19:39 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-HKKIPON)
Description: Faulting application name: LMIIgnition.exe, version: 1.3.0.5398, time stamp: 0x635964ad
Faulting module name: LMIIgnition.exe, version: 1.3.0.5398, time stamp: 0x635964ad
Exception code: 0xc0000409
Fault offset: 0x003f1b97
Faulting process id: 0x0x1f3c
Faulting application start time: 0x0x1d9688205e59972
Faulting application path: C:\Program Files (x86)\LogMeIn Ignition\LMIIgnition.exe
Faulting module path: C:\Program Files (x86)\LogMeIn Ignition\LMIIgnition.exe
Report Id: bcbcced9-9b6e-45f6-bc7b-bca90f8b59e1
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2023 02:15:20 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {2829e5bc-bb6b-40aa-96ef-8dd9f4c6339c}
System errors:
=============
Error: (04/06/2023 08:12:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKKIPON)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (04/06/2023 01:01:36 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel(R) Audio Service service terminated with the following service-specific error:
The operation completed successfully.
Error: (04/06/2023 01:01:31 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (04/06/2023 12:07:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKKIPON)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (04/06/2023 12:06:13 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel(R) Audio Service service terminated with the following service-specific error:
The operation completed successfully.
Error: (04/06/2023 12:06:07 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (04/05/2023 10:41:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Intel(R) Audio Service service terminated with the following service-specific error:
The operation completed successfully.
Error: (04/05/2023 10:41:15 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Windows Defender:
================
Date: 2023-04-04 23:46:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-04-04 00:18:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-04-01 23:44:47
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2023-04-01 23:48:41
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\win32u.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Alienware 1.7.0 02/09/2023
Motherboard: Alienware 0FDTJY
Processor: AMD Ryzen 9 6900HX with Radeon Graphics
Percentage of memory in use: 15%
Total physical RAM: 64755.52 MB
Available physical RAM: 54591.08 MB
Total Virtual: 73971.52 MB
Available Virtual: 61672.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:932.68 GB) (Free:610.12 GB) (Model: PC801 NVMe SK hynix 1TB) (Protected) NTFS
\\?\Volume{3e2c92b7-2a74-49c0-8cf9-46d1e985e9b6}\ (WINRETOOLS) (Fixed) (Total:1 GB) (Free:0.22 GB) NTFS
\\?\Volume{271e9d6e-def1-4889-bc12-8c71dbdfcf60}\ (Image) (Fixed) (Total:18.36 GB) (Free:0.1 GB) NTFS
\\?\Volume{8e1a14ad-82e4-4bb9-be60-998d2efd1910}\ (DELLSUPPORT) (Fixed) (Total:1.41 GB) (Free:0.47 GB) NTFS
\\?\Volume{be4a5e4d-dde6-4989-bbd5-0c4adf0542c1}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 26FFCC7B)
Partition: GPT.
==================== End of Addition.txt =======================