A Problem I Haven't Seen Before

nightowl_80 · Mar 11, 2023

I am running a laptop, and I thought I had a virus ran all the READ ME FIRST steps and it didn't find anything. With that being said I am having a weird problem, after a few days on the laptop the laptop turns off and turns into a brick, nothing I can do to turn it back on. After a couple of months I try again and it magically turns on. However this time I am getting alot of programs not responding. Any advice or guidence?

plodr · Mar 12, 2023

The fact that it won't turn on sounds like a heat problem. It needs time to cool down. Have you opened it up and cleaned it out?

nightowl_80 · Mar 12, 2023

Yes, I read online that it would be a battery problem, and there is not one sign of dust in that machine. Also it’s not a battery problem

the mekanic · Mar 12, 2023

Make, model, OS please.

nightowl_80 · Mar 12, 2023

Asus X553MA Win 10 64 home

Oh My! · Apr 19, 2023

Do you still need assistance?

nightowl_80 · Apr 19, 2023

It hasn’t been solved yet, someone asked for make a model, I did so and haven’t been told anything else

Oh My! · Apr 19, 2023

Yes, I saw that.

Can you provide an update on what you are currently experiencing?

nightowl_80 · Apr 19, 2023

Not trying be rude but, my OP tells that

the mekanic · Apr 19, 2023

Is this your laptop?
https://www.asus.com/laptops/for-home/everyday-use/x553ma/techspec/

Oh My! · Apr 19, 2023

I understand that but it has been over a month since posting that. Things could have changed since then and we need to make sure we are starting with the most current information.

I would like us to start with this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------

Download Farbar Recover Scan Tool for 64 bit systems and save it to your Desktop. <<< Important

If your computer language is other than English right click on the FRST64 icon and rename it to FRST64english

Right click on the icon and select Run as administrator

Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option

Click Yes to the disclaimer

Click Scan and allow the program to run

Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen

2 Notepad documents should now be open on your desktop.

Please copy and paste the contents of each report in separate reply windows

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

FRST.txt

Addition.txt

nightowl_80 · Apr 19, 2023

the mekanic said: ↑

Is this your laptop?
https://www.asus.com/laptops/for-home/everyday-use/x553ma/techspec/
Click to expand...

yes it is, and the repots will come tonight or tomorrow morning

the mekanic · Apr 20, 2023

This is a really old machine. Materials fatigue over time. You need to rule out hardware. Or simply reseating the RAM may help. Lots of diagnostic tools here:
https://www.majorgeeks.com/files/details/ultimate_boot_cd_(ubcd).html

You can make a bootable USB, as well as a CD.

nightowl_80 · Apr 21, 2023

So I just put windows 11 on it last summer, trying to see if that would resolve the issue

Oh My! · Apr 21, 2023

Since the mekanic is replying I will step back and allow that to play out first. I will monitor the topic in case it is necessary to check for malicious software on the system.

Gary

the mekanic · Apr 21, 2023

Your processor is Intel 4th generation. Unless something has changed, it does not support Windows 11.

nightowl_80 · Apr 21, 2023

Now that you mention it, I think I got to the final stage of installing windows 11 and it said it couldn’t, thanks, I guess I updated it to windows 10

the mekanic · Apr 22, 2023

If the machine boots to Windows, can you install and run this? Let's get a look at the hard drive status.
https://www.majorgeeks.com/files/details/hard_disk_sentinel.html

nightowl_80 · Apr 23, 2023

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2023 01
Ran by tripl_000 (23-04-2023 18:02:21)
Running from C:\Users\tripl_000\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2022-12-20 05:19:10)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3709181692-2258053305-2263726531-500 - Administrator - Disabled)
Brigette (S-1-5-21-3709181692-2258053305-2263726531-1001 - Administrator - Enabled) => C:\Users\Brigette
DefaultAccount (S-1-5-21-3709181692-2258053305-2263726531-503 - Limited - Disabled)
Guest (S-1-5-21-3709181692-2258053305-2263726531-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3709181692-2258053305-2263726531-1003 - Limited - Enabled)
tripl_000 (S-1-5-21-3709181692-2258053305-2263726531-1004 - Administrator - Enabled) => C:\Users\tripl_000
WDAGUtilityAccount (S-1-5-21-3709181692-2258053305-2263726531-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Better-CrewLink 2.2.5 (HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\03ceac78-9166-585d-b33a-90982f435933) (Version: 2.2.5 - OhMyGuus)
Discord (HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.137 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{2D6248C0-4693-4CAB-9922-F05E4015F62A}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{6307E820-0317-4DCE-AAE0-7B6CAD867055}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16130.20394 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.48 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.48 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\...\OneDriveSetup.exe) (Version: 23.076.0409.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405 (HKLM-x32\...\{ec9c2282-a836-48a6-9e41-c2f0bf8d678b}) (Version: 14.14.26405.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.14.26405 (HKLM-x32\...\{2BCACFA1-2BE1-373C-9051-76A9661D9FC4}) (Version: 14.14.26405 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.14.26405 (HKLM-x32\...\{644544A0-318A-344C-964C-4DBE2FB5F864}) (Version: 14.14.26405 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20394 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.23.684 - StreamElements)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.13.1 - Tweaking.com)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.810 - McAfee, LLC)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
YouTube TV (HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\...\6e756ac064d47f1ee44db5ce50db9807) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2023-03-12] (WildTangent Games)
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.4.0_x64__qmba6cd70vzyy [2023-03-12] (ASUSTeK COMPUTER INC.)
ASUS PhotoDirector -> C:\Program Files\WindowsApps\F5080380.ASUSPhotoDirector_2.1.3706.2_x86__tfv7c950n6xcr [2023-03-12] (CyberLink Corp.)
ASUS PowerDirector -> C:\Program Files\WindowsApps\F5080380.ASUSPowerDirector_1.0.3618.38952_x86__tfv7c950n6xcr [2023-03-12] (CyberLink Corp.)
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2023-03-12] (ASUS Cloud Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.49.3.0_x64__6rarf9sa4v8jt [2023-03-30] (Disney)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2023-03-12] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2023-03-12] (Microsoft Corporation)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.3.7.0_x64__a76a11dkgb644 [2023-03-12] (iHeartMedia.)
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2023-04-14] (Lexmark International, Inc.)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_7.15.0.0_x86__8ptj331gd3tyt [2023-03-12] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-03-12] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-03-12] (Netflix, Inc.)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2023-03-12] (Skype)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-23] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-20] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2023-03-12] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-03-12] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2023-03-12] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3709181692-2258053305-2263726531-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\tripl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlmaamaoahjiilibgbafebhafkeccjac

==================== Loaded Modules (Whitelisted) =============

2021-02-08 21:36 - 2021-02-08 21:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-02-08 21:36 - 2021-02-08 21:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\sharepoint.com -> hxxps://liveconcorde-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2023-03-12 01:55 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brigette\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\tripl_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{82E937E9-150D-462A-A1AB-AF484BBE0236}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{949097E1-7B27-4359-AB9B-DD620392A725}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9E7B0A83-40C2-4370-9DD8-BDA735D7286C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEE1C067-06D2-488C-9BE5-5A8741FA9DC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{32640DE9-CA46-408D-B225-2DF0515AB491}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{323DD740-464C-40F1-A7BF-B89147F4B9CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D31A669D-798B-4268-9282-9011A20A6864}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1A333789-7459-47D1-9CC5-A8FB723ABB83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{89998D23-040F-4F08-A5DB-883DF8CA22C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{294AE0FA-FE2A-46BB-8C93-5ACA25D203E0}] => (Allow) C:\Users\Brigette\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8E538115-8C96-4424-A6AA-99120F09BC6A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{20CE3042-0638-4B3F-844D-C6115D3CF092}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{14B28F79-3538-443A-8059-02A507E3BB7B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{284D641B-97E0-4BF9-8954-E4370CDB5014}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2EE0997-8A9C-4728-B47E-143DF375C176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{10E56094-DDA4-463B-AF01-27728A9BAEC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{B1C13939-2C65-4273-AA4D-70C339BFD071}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{ED1223FB-98D8-4E21-BF5A-8A561F7F7BA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{EF476F07-699E-453B-AD69-2CB060EFF133}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{4DEC9488-C89B-418F-9535-281605BCEF96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{90103DC7-B5A9-4524-AD32-26853E586626}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{B4693F86-D574-458A-B922-25F5925983C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{272D9C58-437D-432A-9E5A-BBC6FA11CB9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{8686EFA7-832C-4E1B-B3AF-D23F07F2F16B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{4637DE0F-2C50-43F5-B6F3-CFA4981DBCC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{2BF03060-9942-4C8F-82B1-7F359ECE1DFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{E1110766-1320-41F7-BD32-6B81B9B943FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{95C71D75-AEA4-412B-9F67-8395B68D3A92}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3408.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{A6F7B8F8-BD6C-4311-A36F-0767FCBE1F6A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-04-2023 04:59:15 Scheduled Checkpoint
12-04-2023 04:44:35 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/05/2023 04:30:41 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (D because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (03/30/2023 03:31:42 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider ProtectionManagement attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/Microsoft/Windows/Defender namespace does not exist. The query will be ignored.

Error: (03/30/2023 03:31:42 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/Microsoft/Windows/Defender namespace does not exist. The query will be ignored.

Error: (03/30/2023 03:31:42 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider ProtectionManagement attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/Microsoft/Windows/Defender namespace does not exist. The query will be ignored.

Error: (03/23/2023 03:44:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (03/23/2023 03:44:14 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (03/17/2023 08:52:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2364 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 250

Start Time: 01d9593c2acf59b5

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 9265668c-4339-4b42-9b1f-63d721d5d817

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Cross-thread

Error: (03/12/2023 02:19:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2364 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1b98

Start Time: 01d955177feb2929

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: e4429994-821e-4c3b-88a2-e613ea6fe0ca

Faulting package full name: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ShellFeedsUI

Hang type: Quiesce

System errors:
=============
Error: (04/21/2023 04:27:32 AM) (Source: DCOM) (EventID: 10010) (User: BRIGETTE)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (04/21/2023 04:27:31 AM) (Source: DCOM) (EventID: 10010) (User: BRIGETTE)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (04/21/2023 02:24:39 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Error: (04/20/2023 05:45:45 AM) (Source: DCOM) (EventID: 10010) (User: BRIGETTE)
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.

Error: (04/20/2023 04:30:48 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Error: (04/20/2023 03:42:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/20/2023 03:42:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (04/20/2023 03:40:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:39:01 AM on ‎4/‎20/‎2023 was unexpected.

Windows Defender:
================
Date: 2023-04-21 04:14:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-04-21 02:27:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-04-20 05:07:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-04-20 04:46:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-04-20 04:38:47
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-04-23 17:55:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.1749.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2023-04-23 17:55:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.1749.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2023-04-23 17:55:43
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.1749.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2023-04-20 04:00:27
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.968.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2023-04-20 04:00:27
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.968.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

CodeIntegrity:
===============
Date: 2023-04-20 04:30:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-31 02:05:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-29 03:46:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-11 21:03:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X553MA.209 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Celeron(R) CPU N2930 @ 1.83GHz
Percentage of memory in use: 69%
Total physical RAM: 3982.55 MB
Available physical RAM: 1207.56 MB
Total Virtual: 5710.55 MB
Available Virtual: 2147.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:128.03 GB) (Model: ST500LT012-1DG142) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.25 GB) (Model: ST500LT012-1DG142) NTFS

\\?\Volume{94ce6727-dc23-48cd-ab8c-874dd0bda2c5}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.52 GB) NTFS
\\?\Volume{8600068b-f199-4f29-9913-0b75eab5b74d}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.52 GB) NTFS
\\?\Volume{a9d8d7f3-ce61-4844-b66a-92ddd068a41f}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 70B666B0)

Partition: GPT.

==================== End of Addition.txt =======================

nightowl_80 · Apr 23, 2023

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2023 01
Ran by tripl_000 (administrator) on BRIGETTE (ASUSTeK COMPUTER INC. X553MA) (23-04-2023 17:47:06)
Running from C:\Users\tripl_000\Downloads\FRST64.exe
Loaded Profiles: tripl_000
Platform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files\mcafee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tripl_000\AppData\Local\Microsoft\OneDrive\23.076.0409.0001\Microsoft.SharePoint.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe <3>
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe <2>
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(svchost.exe ->) (Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3709181692-2258053305-2263726531-1001\...\Run: [Discord] => C:\Users\Brigette\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\tripl_000\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\tripl_000\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3709181692-2258053305-2263726531-1004\...\RunOnce: [Uninstall 23.071.0402.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\tripl_000\AppData\Local\Microsoft\OneDrive\23.071.0402.0001" (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\112.0.5615.137\Installer\chrmstp.exe [2023-04-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {084FD763-48DE-47BF-9C95-04783FACD8CD} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {0EA6DC4F-F972-4EA3-99C8-3B774E52A092} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144320 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {22692240-7142-42B3-8077-6AD37BE7D5E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {27688765-D940-4D40-B88E-E1DD315856BA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5249688 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {28E3ED3B-3148-4FF3-BBE5-018F17C40C11} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {29424235-DBAF-4C68-9C76-D83E915CA749} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (No File)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {4BAC6ADE-9C18-42CD-94E6-F2C2D6D7826C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {62D5AA82-2FE3-4068-AAFF-44DE8E8C1A51} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {67DCB751-8398-478D-9E78-80D8B35054A4} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7578F349-A623-43EE-8DCB-EA44E157DD1F} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {7B6A7138-9115-45FB-BB25-FC008284714E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7FB31E36-1453-4430-BDF8-96AA82C1D06E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8001108E-A8ED-4D2B-8104-15E55779B570} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {86BF51A1-BCE2-4278-AC0D-DF2D92B0B575} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [158336 2013-01-09] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {948737BE-1336-4A83-9ED5-9025872F0A01} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144320 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9DC0DC2-64CD-41A2-B675-93E55F297E1B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [995824 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABD15A09-4615-4AED-A49C-5C9693A5CA16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3B442DD-82B0-427E-9629-F579D7BA2017} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B65739ED-D833-410E-AD3E-0A3397BF05A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26301352 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0AFD82-BEA3-47EF-979B-65ABE142C75F} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {BF20C129-DF8F-4118-82B7-D63625948DA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC49368C-A866-44D0-8DDA-1B82F84442BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DC4E25BC-90F6-4FFB-94EE-BDF591B0896B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{4FBB5D64-AE3F-4ABF-BF36-ADBBC7F7D74F}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8b0ce054-cd31-44fd-a18f-a4038acb13e2}: [DhcpNameServer] 192.168.12.1

Edge:
=======
Edge Profile: C:\Users\tripl_000\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-11]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2023-04-06] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-12-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tripl_000\AppData\Local\Google\Chrome\User Data\Default [2023-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\tripl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tripl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-22]
CHR Extension: (ShowZone) - C:\Users\tripl_000\Downloads\showzone-extension\showzone-extension [2022-12-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [856472 2023-04-06] (McAfee, LLC -> McAfee, LLC)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [69904 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [42000 2023-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-05] (ASUSTeK Computer Inc. -> )
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [521128 2017-11-21] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108464 2017-11-21] (McAfee, Inc. -> McAfee LLC.)
R3 MpKslbc46d8c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{859CA22D-B825-4D9E-B25A-BD81F4B48834}\MpKslDrv.sys [211208 2023-04-21] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [497920 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-23 17:47 - 2023-04-23 17:54 - 000019872 _____ C:\Users\tripl_000\Downloads\FRST.txt
2023-04-23 17:46 - 2023-04-23 17:46 - 001440984 _____ C:\Users\tripl_000\Downloads\Unconfirmed 486565.crdownload
2023-04-23 17:45 - 2023-04-23 17:51 - 000000000 ____D C:\FRST
2023-04-23 17:44 - 2023-04-23 17:44 - 002381824 _____ (Farbar) C:\Users\tripl_000\Downloads\FRST64.exe
2023-04-12 04:47 - 2023-04-12 04:47 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-23 17:57 - 2022-09-22 22:24 - 000000000 ____D C:\Users\tripl_000\AppData\Roaming\Microsoft\Excel
2023-04-23 17:57 - 2018-03-20 18:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-23 17:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-23 17:45 - 2022-09-22 20:22 - 000000000 ___RD C:\Users\tripl_000\OneDrive
2023-04-23 17:44 - 2022-12-21 01:58 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3709181692-2258053305-2263726531-1004
2023-04-23 17:44 - 2022-12-20 00:56 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3709181692-2258053305-2263726531-1004
2023-04-23 17:44 - 2022-12-20 00:03 - 000002437 _____ C:\Users\tripl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-23 17:40 - 2022-12-20 01:02 - 000000000 __SHD C:\Users\tripl_000\IntelGraphicsProfiles
2023-04-23 17:40 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-21 02:35 - 2022-12-20 00:14 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-21 02:35 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-20 05:45 - 2022-12-20 00:03 - 000000000 ____D C:\Users\tripl_000
2023-04-20 05:44 - 2022-12-19 23:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-20 04:27 - 2018-03-20 18:56 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-20 04:24 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-20 04:12 - 2019-11-27 11:30 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-20 04:09 - 2020-09-22 09:44 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-20 03:40 - 2022-12-20 00:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-20 03:40 - 2022-12-19 23:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-14 04:48 - 2022-12-20 00:44 - 000000000 ____D C:\Users\tripl_000\AppData\Local\PlaceholderTileLogoFolder
2023-04-14 04:48 - 2022-09-22 20:19 - 000000000 ____D C:\Users\tripl_000\AppData\Local\Packages
2023-04-14 04:47 - 2022-12-20 13:24 - 000000000 ____D C:\Users\tripl_000\AppData\Roaming\Foxit Software
2023-04-14 04:06 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-04-14 04:04 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-04-13 05:45 - 2022-12-19 23:47 - 000435384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-13 05:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-12 05:45 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-12 05:29 - 2022-12-19 23:51 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-12 04:04 - 2020-09-21 16:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-12 03:54 - 2020-09-21 16:56 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-12 03:01 - 2022-12-20 00:17 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-12 03:01 - 2022-12-20 00:17 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-12 02:55 - 2022-12-20 00:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-12 02:47 - 2022-12-20 00:17 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-12 02:47 - 2022-12-20 00:17 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2022-09-22 21:00 - 2022-12-19 17:01 - 000000093 _____ () C:\Users\tripl_000\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

nightowl_80 · Apr 23, 2023

the mekanic said: ↑

If the machine boots to Windows, can you install and run this? Let's get a look at the hard drive status.
https://www.majorgeeks.com/files/details/hard_disk_sentinel.html
Click to expand...

Okay I installed it, it says 100%, What would you like me to do?

nightowl_80 · Apr 23, 2023

-- General Information --

Application Information
-------------------------
Installed Version . . . . . . . . . . . . . . . : Hard Disk Sentinel 6.10
Registered To . . . . . . . . . . . . . . . . . : Unregistered version, please register.
Current Date And Time . . . . . . . . . . . . . : 4/23/2023 6:19:45 PM
Health Calculation Method . . . . . . . . . . . : Analyse data field (default)

Computer Information
----------------------
Computer Name . . . . . . . . . . . . . . . . . : BRIGETTE
User Name . . . . . . . . . . . . . . . . . . . : tripl_000
Computer Type . . . . . . . . . . . . . . . . . : Mobile
IP Address . . . . . . . . . . . . . . . . . . . : 192.168.12.34
MAC Address . . . . . . . . . . . . . . . . . . : AC-B5-7D-29-DF-B4
System Uptime . . . . . . . . . . . . . . . . . : 3 days, 14 hours, 39 minutes, 59 seconds
System Idle Time . . . . . . . . . . . . . . . . : 0 days, 0 hours, 0 minutes, 0 seconds
System Up Since . . . . . . . . . . . . . . . . : 4/20/2023 3:39:46 AM
CPU Usage . . . . . . . . . . . . . . . . . . . : CPU #1: 13 %, CPU #2: 12 %, CPU #3: 3 %, CPU #4: 4 %
Virtual Memory . . . . . . . . . . . . . . . . . : 5710 MB, Used: 3649 MB (64 %)

System Information
--------------------
Windows Version . . . . . . . . . . . . . . . . : Windows 10 Home 22H2
CPU Type & Speed #1 . . . . . . . . . . . . . . : Intel(R) Celeron(R) CPU N2930 @ 1.83GHz, 1833 MHz
CPU Type & Speed #2 . . . . . . . . . . . . . . : Intel(R) Celeron(R) CPU N2930 @ 1.83GHz, 1833 MHz
CPU Type & Speed #3 . . . . . . . . . . . . . . : Intel(R) Celeron(R) CPU N2930 @ 1.83GHz, 1833 MHz
CPU Type & Speed #4 . . . . . . . . . . . . . . : Intel(R) Celeron(R) CPU N2930 @ 1.83GHz, 1833 MHz
BIOS Manufacturer . . . . . . . . . . . . . . . : AMI
Physical Memory Size . . . . . . . . . . . . . . : 3983 MB, Used: 2824 MB (71 %)
Display Adapter . . . . . . . . . . . . . . . . : Intel(R) HD Graphics
Display Resolution . . . . . . . . . . . . . . . : 1366 x 768 (32 bit)
Printer #1 . . . . . . . . . . . . . . . . . . . : Fax
Printer #2 . . . . . . . . . . . . . . . . . . . : Foxit PhantomPDF Printer
Printer #3 . . . . . . . . . . . . . . . . . . . : Lexmark MX510 Series
Printer #4 . . . . . . . . . . . . . . . . . . . : Microsoft Print to PDF
Printer #5 . . . . . . . . . . . . . . . . . . . : Microsoft XPS Document Writer
Printer #6 . . . . . . . . . . . . . . . . . . . : OneNote (Desktop)
Printer #7 . . . . . . . . . . . . . . . . . . . : S-1-5-21-3709181692-2258053305-2263726531-1004:OneNote
Printer #8 . . . . . . . . . . . . . . . . . . . : S-1-5-21-3709181692-2258053305-2263726531-1004:OneNote for Windows 10
Network Controller #1 . . . . . . . . . . . . . : Realtek PCIe FE Family Controller
Network Controller #2 . . . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
Optical Drive . . . . . . . . . . . . . . . . . : E: MATSHITA DVD-RAM UJ8E2 S / 1.00 (CD)

PCI Device Information
------------------------
PCI Bus 0; Device 2; Function 0 . . . . . . . . : Intel(R) HD Graphics
PCI Bus 0; Device 19; Function 0 . . . . . . . . : Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23
PCI Bus 0; Device 20; Function 0 . . . . . . . . : %1 USB %2 eXtensible Host Controller - %3 (Microsoft);(Intel(R),3.0,1.0)
PCI Bus 0; Device 26; Function 0 . . . . . . . . : Intel(R) Trusted Execution Engine Interface
PCI Bus 0; Device 27; Function 0 . . . . . . . . : High Definition Audio Controller
PCI Bus 0; Device 28; Function 0 . . . . . . . . : Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series PCI Express - Root Port 1 - 0F48
PCI Bus 0; Device 28; Function 1 . . . . . . . . : Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series PCI Express - Root Port 2 - 0F4A
PCI Bus 0; Device 28; Function 3 . . . . . . . . : Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series PCI Express - Root Port 4 - 0F4E
PCI Bus 2; Device 0; Function 0 . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
PCI Bus 3; Device 0; Function 0 . . . . . . . . : Realtek PCIE CardReader
PCI Bus 3; Device 0; Function 2 . . . . . . . . : Realtek PCIe FE Family Controller

-- Physical Disk Information - Disk: #0: ST500LT012-1DG142 --

Hard Disk Summary
-------------------
Hard Disk Number . . . . . . . . . . . . . . . . : 0
Interface . . . . . . . . . . . . . . . . . . . : S-ATA Gen3, 6 Gbps
Disk Controller . . . . . . . . . . . . . . . . : Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 (AHCI) [VEN: 8086, DEV: 0F23] Version: 9.4.4.1005, 7-9-2013
Disk Location . . . . . . . . . . . . . . . . . : Bus Number 0, Target Id 0, LUN 0
Hard Disk Model ID . . . . . . . . . . . . . . . : ST500LT012-1DG142
Firmware Revision . . . . . . . . . . . . . . . : 0003SDM1
Hard Disk Serial Number . . . . . . . . . . . . : W3P73RAN
Total Size . . . . . . . . . . . . . . . . . . . : 476937 MB
Power State . . . . . . . . . . . . . . . . . . : Active
Device Type . . . . . . . . . . . . . . . . . . : Fixed Disk
Logical Drive(s) . . . . . . . . . . . . . . . . : C: [OS] D: [Data]
Current Temperature . . . . . . . . . . . . . . : 39 °C
Power On Time . . . . . . . . . . . . . . . . . : 177 days, 19 hours
Estimated Remaining Lifetime . . . . . . . . . . : more than 1000 days
Health . . . . . . . . . . . . . . . . . . . . . : #################### 100 % (Excellent)
Performance . . . . . . . . . . . . . . . . . . : #################### 100 % (Excellent)

The hard disk status is PERFECT. Problematic or weak sectors were not found and there are no spin up or data transfer errors.
No actions needed.

ATA Information
-----------------
Hard Disk Cylinders . . . . . . . . . . . . . . : 969021
Hard Disk Heads . . . . . . . . . . . . . . . . : 16
Hard Disk Sectors . . . . . . . . . . . . . . . : 63
ATA Revision . . . . . . . . . . . . . . . . . . : ATA8-ACS version 4
Transport Version . . . . . . . . . . . . . . . : SATA Rev 3.0
Total Sectors . . . . . . . . . . . . . . . . . : 122096646
Bytes Per Sector . . . . . . . . . . . . . . . . : 4096 [Advanced Format]
Multiple Sectors . . . . . . . . . . . . . . . . : 16
Error Correction Bytes . . . . . . . . . . . . . : 4
Unformatted Capacity . . . . . . . . . . . . . . : 476940 MB
Maximum PIO Mode . . . . . . . . . . . . . . . . : 4
Maximum Multiword DMA Mode . . . . . . . . . . . : 2
Highest Possible Transfer Rate . . . . . . . . . : S-ATA Gen3 Signaling Speed (6 Gps)
Negotiated Transfer Rate . . . . . . . . . . . . : S-ATA II Signaling Speed (3 Gps)
Minimum Multiword DMA Transfer Time . . . . . . : 120 ns
Recommended Multiword DMA Transfer Time . . . . : 120 ns
Minimum PIO Transfer Time Without IORDY . . . . : 120 ns
Minimum PIO Transfer Time With IORDY . . . . . . : 120 ns
ATA Control Byte . . . . . . . . . . . . . . . . : Valid
ATA Checksum Value . . . . . . . . . . . . . . . : Valid

Acoustic Management Configuration
-----------------------------------
Acoustic Management . . . . . . . . . . . . . . : Not supported
Acoustic Management . . . . . . . . . . . . . . : Disabled
Current Acoustic Level . . . . . . . . . . . . . : Default (00h)
Recommended Acoustic Level . . . . . . . . . . . : Balanced performance and volume (D0h)

ATA Features
--------------
Read Ahead Buffer . . . . . . . . . . . . . . . : Supported, Enabled
DMA . . . . . . . . . . . . . . . . . . . . . . : Supported
Ultra DMA . . . . . . . . . . . . . . . . . . . : Supported
S.M.A.R.T. . . . . . . . . . . . . . . . . . . . : Supported
Power Management . . . . . . . . . . . . . . . . : Supported
Write Cache . . . . . . . . . . . . . . . . . . : Supported
Host Protected Area . . . . . . . . . . . . . . : Supported
HPA Security Extensions . . . . . . . . . . . . : Supported
Advanced Power Management . . . . . . . . . . . : Supported, Enabled
Advanced Power Management Level . . . . . . . . : Minimum power consumption without standby (128)
Extended Power Management . . . . . . . . . . . : Not supported
Power Up In Standby . . . . . . . . . . . . . . : Supported
48-Bit LBA Addressing . . . . . . . . . . . . . : Supported
Device Configuration Overlay . . . . . . . . . . : Supported
IORDY Support . . . . . . . . . . . . . . . . . : Supported
Read/Write DMA Queue . . . . . . . . . . . . . . : Not supported
NOP Command . . . . . . . . . . . . . . . . . . : Supported
Trusted Computing . . . . . . . . . . . . . . . : Not supported
64-Bit World Wide ID . . . . . . . . . . . . . . : 5000C500783D954D
Streaming . . . . . . . . . . . . . . . . . . . : Not supported
Media Card Pass Through . . . . . . . . . . . . : Not supported
General Purpose Logging . . . . . . . . . . . . : Supported
Error Logging . . . . . . . . . . . . . . . . . : Supported
CFA Feature Set . . . . . . . . . . . . . . . . : Not supported
CFast Device . . . . . . . . . . . . . . . . . . : Not supported
Long Physical Sectors (8) . . . . . . . . . . . : Supported
Long Logical Sectors . . . . . . . . . . . . . . : Not supported
Write-Read-Verify . . . . . . . . . . . . . . . : Supported, Enabled
NV Cache Feature . . . . . . . . . . . . . . . . : Not supported
NV Cache Power Mode . . . . . . . . . . . . . . : Not supported
NV Cache Size . . . . . . . . . . . . . . . . . : Not supported
Free-fall Control . . . . . . . . . . . . . . . : Not supported
Free-fall Control Sensitivity . . . . . . . . . : Not supported
Service Interrupt . . . . . . . . . . . . . . . : Not supported
IDLE IMMEDIATE Command With UNLOAD Feature . . . : Supported
Zoned Capabilities . . . . . . . . . . . . . . . : Not supported
SCT Command Transport . . . . . . . . . . . . . : Supported
SCT Error Recovery Control . . . . . . . . . . . : Not supported
Nominal Media Rotation Rate . . . . . . . . . . : 5400 RPM
Nominal Form Factor . . . . . . . . . . . . . . : 2.5 inch

SSD Features
--------------
Data Set Management . . . . . . . . . . . . . . : Not supported
TRIM Command . . . . . . . . . . . . . . . . . . : Not supported
Deterministic Read After TRIM . . . . . . . . . : Not supported
Read Zeroes After TRIM . . . . . . . . . . . . . : Not supported

S.M.A.R.T. Details
--------------------
Off-line Data Collection Status . . . . . . . . : Never Started
Self Test Execution Status . . . . . . . . . . . : Successfully Completed
Total Time To Complete Off-line Data Collection : 0 seconds
Execute Off-line Immediate . . . . . . . . . . . : Supported
Abort/restart Off-line By Host . . . . . . . . . : Not supported
Off-line Read Scanning . . . . . . . . . . . . . : Not supported
Short Self-test . . . . . . . . . . . . . . . . : Supported
Extended Self-test . . . . . . . . . . . . . . . : Supported
Conveyance Self-test . . . . . . . . . . . . . . : Supported
Selective Self-Test . . . . . . . . . . . . . . : Supported
Save Data Before/After Power Saving Mode . . . . : Supported
Enable/Disable Attribute Autosave . . . . . . . : Supported
Error Logging Capability . . . . . . . . . . . . : Supported
Short Self-test Estimated Time . . . . . . . . . : 1 minutes
Extended Self-test Estimated Time . . . . . . . : 97 minutes
Conveyance Self-test Estimated Time . . . . . . : 2 minutes
Last Short Self-test Result . . . . . . . . . . : Never Started
Last Short Self-test Date . . . . . . . . . . . : Never Started
Last Extended Self-test Result . . . . . . . . . : Never Started
Last Extended Self-test Date . . . . . . . . . . : Never Started
Last Conveyance Self-test Result . . . . . . . . : Never Started
Last Conveyance Self-test Date . . . . . . . . . : Never Started

Security Mode
---------------
Security Mode . . . . . . . . . . . . . . . . . : Supported
Security Erase . . . . . . . . . . . . . . . . . : Supported
Security Erase Time . . . . . . . . . . . . . . : 92 minutes
Security Enhanced Erase Feature . . . . . . . . : Supported
Security Enhanced Erase Time . . . . . . . . . . : 92 minutes
Security Enabled . . . . . . . . . . . . . . . . : No
Security Locked . . . . . . . . . . . . . . . . : No
Security Frozen . . . . . . . . . . . . . . . . : Yes
Security Counter Expired . . . . . . . . . . . . : No
Security Level . . . . . . . . . . . . . . . . . : High
Device Encrypts All User Data . . . . . . . . . : No
Sanitize . . . . . . . . . . . . . . . . . . . . : Not supported
Overwrite . . . . . . . . . . . . . . . . . . . : Not supported
Crypto Scramble . . . . . . . . . . . . . . . . : Not supported
Block Erase . . . . . . . . . . . . . . . . . . : Not supported
Sanitize Antifreeze Lock . . . . . . . . . . . . : Not supported
ACS-3 Commands Allowed By Sanitize . . . . . . . : No

Serial ATA Features
---------------------
S-ATA Compliance . . . . . . . . . . . . . . . . : Yes
S-ATA I Signaling Speed (1.5 Gps) . . . . . . . : Supported
S-ATA II Signaling Speed (3 Gps) . . . . . . . . : Supported
S-ATA Gen3 Signaling Speed (6 Gps) . . . . . . . : Supported
Receipt Of Power Management Requests From Host . : Supported
PHY Event Counters . . . . . . . . . . . . . . . : Supported
Non-Zero Buffer Offsets In DMA Setup FIS . . . . : Not supported
DMA Setup Auto-Activate Optimization . . . . . . : Not supported
Device Initiating Interface Power Management . . : Supported, Disabled
In-Order Data Delivery . . . . . . . . . . . . . : Not supported
Asynchronous Notification . . . . . . . . . . . : Not supported
Software Settings Preservation . . . . . . . . . : Supported, Enabled
Native Command Queuing (NCQ) . . . . . . . . . . : Supported
Queue Length . . . . . . . . . . . . . . . . . . : 32
NCQ Streaming . . . . . . . . . . . . . . . . . : Not supported
NCQ Autosense . . . . . . . . . . . . . . . . . : Not supported
Automatic Partial To Slumber Translations . . . : Not supported
Rebuild Assist . . . . . . . . . . . . . . . . . : Not supported
Hybrid Information . . . . . . . . . . . . . . . : Not supported
Device Sleep (DevSleep) . . . . . . . . . . . . : Not supported
DevSleep To ReducedPwrState . . . . . . . . . . : Not supported

Disk Information
------------------
Disk Family . . . . . . . . . . . . . . . . . . : Momentus Thin 500LT012
Form Factor . . . . . . . . . . . . . . . . . . : 2.5"
Capacity . . . . . . . . . . . . . . . . . . . . : 500 GB (500 x 1,000,000,000 bytes)
Number Of Disks . . . . . . . . . . . . . . . . : 1
Number Of Heads . . . . . . . . . . . . . . . . : 2
Rotational Speed . . . . . . . . . . . . . . . . : 5400 RPM
Rotation Time . . . . . . . . . . . . . . . . . : 11.11 ms
Average Rotational Latency . . . . . . . . . . . : 5.56 ms
Disk Interface . . . . . . . . . . . . . . . . . : Serial-ATA/300
Buffer-Host Max. Rate . . . . . . . . . . . . . : 300 MB/seconds
Buffer Size . . . . . . . . . . . . . . . . . . : 16384 KB
Drive Ready Time (Typical) . . . . . . . . . . . : 3 seconds
Average Seek Time . . . . . . . . . . . . . . . : 12.0 ms
Track To Track Seek Time . . . . . . . . . . . . : 1.5 ms
Full Stroke Seek Time . . . . . . . . . . . . . : ? ms
Width . . . . . . . . . . . . . . . . . . . . . : 69.9 mm (2.8 inch)
Depth . . . . . . . . . . . . . . . . . . . . . : 100.4 mm (4.0 inch)
Height . . . . . . . . . . . . . . . . . . . . . : 7.0 mm (0.3 inch)
Weight . . . . . . . . . . . . . . . . . . . . . : 95 grams (0.2 pounds)
Acoustic (Idle) . . . . . . . . . . . . . . . . : 2.3 Bel
Acoustic (Min Performance And Volume) . . . . . : 2.5 Bel
Acoustic (Max Performance And Volume) . . . . . : 3.0 Bel
Required Power For Spinup . . . . . . . . . . . : 1,200 mA
Power Required (Seek) . . . . . . . . . . . . . : 2.4 W
Power Required (Idle) . . . . . . . . . . . . . : 1.2 W
Power Required (Standby) . . . . . . . . . . . . : 0.4 W
Manufacturer . . . . . . . . . . . . . . . . . . : Seagate Technology
Manufacturer Website . . . . . . . . . . . . . . : http://www.seagate.com/www/en-us/products

S.M.A.R.T.
------------
No. Attribute Thre.. Value Worst Data Status Flags
1 Raw Read Error Rate 6 119 99 00000CE420D0 OK Error-Rate, Performance, Statistical, Critical
3 Spin Up Time 0 99 98 000000000000 OK (Always passing) Statistical, Critical
4 Start/Stop Count 20 93 93 000000001D6C OK Self Preserving, Event Count, Statistical
5 Reallocated Sectors Co.. 36 100 100 000000000000 OK Self Preserving, Event Count, Statistical, Critical
7 Seek Error Rate 30 73 60 00070A54CC3B OK Error-Rate, Performance, Statistical, Critical
9 Power On Time Count 0 96 96 8D80000010AB OK (Always passing) Self Preserving, Event Count, Statistical
10 Spin Retry Count 97 100 100 000000000000 OK Event Count, Statistical, Critical
12 Drive Power Cycle Count 20 98 98 000000000855 OK Self Preserving, Event Count, Statistical
184 End-to-End Error Count 99 100 100 000000000000 OK Self Preserving, Event Count, Statistical
187 Reported Uncorrectable.. 0 100 100 000000000000 OK (Always passing) Self Preserving, Event Count, Statistical
188 Command Timeout 0 100 99 000400040004 OK (Always passing) Self Preserving, Event Count, Statistical
189 High Fly Writes 0 100 100 000000000000 OK (Always passing) Self Preserving, Event Count, Error-Rate, Statistical
190 Airflow Temperature 45 61 52 000027120027 OK Self Preserving, Statistical
191 G-Sense Error Rate 0 100 100 000000000240 OK (Always passing) Self Preserving, Event Count, Statistical
192 Power off Retract Cycl.. 0 100 100 000000000005 OK (Always passing) Self Preserving, Event Count, Statistical
193 Load/Unload Cycle Count 0 22 22 0000000266A3 OK (Always passing) Self Preserving, Event Count, Statistical
194 Disk Temperature 0 39 48 000800000027 OK (Always passing) Self Preserving, Statistical
197 Current Pending Sector.. 0 100 100 000000000000 OK (Always passing) Event Count, Statistical
198 Off-Line Uncorrectable.. 0 100 100 000000000000 OK (Always passing) Event Count
199 Ultra ATA CRC Error Co.. 0 200 200 000000000000 OK (Always passing) Self Preserving, Event Count, Error-Rate, Performanc..
240 Head Flying Hours 0 97 97 894B00000D6D OK (Always passing)
241 Total LBA Written 0 100 253 00043FF94B2F OK (Always passing)
242 Total LBA Read 0 100 253 0004A31E78AF OK (Always passing)
254 Free Fall Event Count 0 100 100 000000000000 OK (Always passing) Self Preserving, Event Count, Statistical

Transfer Rate Information
---------------------------
Total Data Read . . . . . . . . . . . . . . . . : 505 MB, 505 MB since installation (4/23/2023)
Total Data Write . . . . . . . . . . . . . . . . : 153 MB, 153 MB since installation
Average Reads Per Day . . . . . . . . . . . . . : 505.00 MB
Average Writes Per Day . . . . . . . . . . . . . : 153.00 MB
Current Transfer Rate . . . . . . . . . . . . . : 3907 KB/s
Maximum Transfer Rate . . . . . . . . . . . . . : 34375 KB/s
Current Read Rate . . . . . . . . . . . . . . . : 2810 KB/s
Current Write Rate . . . . . . . . . . . . . . . : 1097 KB/s
Current Disk Activity . . . . . . . . . . . . . : 100 %

-- Partition Information --

Logical Drive Total Space Free Space Free Space Used Space
C: OS (Disk: #0) 186.3 GB 128.1 GB 69 % ######--------------
D: Data (Disk: #0) 258.3 GB 258.2 GB 100 % --------------------

-- System Management Information --

Motherboard Information
-------------------------
Manufacturer . . . . . . . . : ASUSTeK COMPUTER INC.
Product . . . . . . . . . . : X553MA 1.0
Serial Number . . . . . . . : BSN12345678901234567
Asset Tag . . . . . . . . . : ATN12345678901234567 MIDDLE
BIOS . . . . . . . . . . . . : American Megatrends Inc. ver. X553MA.209 [08/08/2014]
Memory Module 1 . . . . . . : 4096 MB [1333 MHz] A1_BANK0
Memory Module 2 . . . . . . : -

System Information
--------------------
Manufacturer . . . . . . . . : ASUSTeK COMPUTER INC.
Product . . . . . . . . . . : X553MA 1.0
Serial Number . . . . . . . : EBN0CV037502457
UUID . . . . . . . . . . . . : 89D2DF63-D813-4C07-B67B-184E015C9B03
Chassis . . . . . . . . . . : ASUSTeK COMPUTER INC. ver. 1.0
Chassis Serial Number . . . : EBN0CV037502457
Chassis Asset Tag . . . . . : No Asset Tag

the mekanic · Apr 25, 2023

Going forward, you may attach a file to your post. Less WOT that way. Let's have a look at the event log.

Windows key + R
Type eventvwr and click OK
Click Windows Logs
Under Windows Logs, you're looking for system.

See what you can see. Exporting the logs is another story for later, if need be.

nightowl_80 · Apr 26, 2023

next to system it says 3,955 events. On the right side is a whole bunch of options

the mekanic · Apr 26, 2023

Any red?

nightowl_80 · May 5, 2023

no it says everything is fine. I havent had it become a brick again, so I don't know if the problem is fixed. Does either of you guys see anything wrong with the reports I posted?

the mekanic · May 6, 2023

It was a lot of text. Most of what I absorbed of it seemed nominal. But, my eyes to get tired these days..

Perhaps just a software glitch....

Log in or Sign up

A Problem I Haven't Seen Before

nightowl_80 Private E-2

plodr MajorGeek Super Extraordinaire Moderator Staff Member

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

Oh My! Malware Expert Staff Member

nightowl_80 Private E-2

Oh My! Malware Expert Staff Member

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

Oh My! Malware Expert Staff Member

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

Oh My! Malware Expert Staff Member

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

nightowl_80 Private E-2

nightowl_80 Private E-2

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

the mekanic Major Mekanical Geek

nightowl_80 Private E-2

the mekanic Major Mekanical Geek