Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021 Ran by betha (06-04-2021 17:12:27) Running from C:\Users\betha\Desktop Windows 10 Home Version 2004 19041.867 (X64) (2020-10-17 07:20:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1413426085-2912600488-2307700468-500 - Administrator - Disabled) betha (S-1-5-21-1413426085-2912600488-2307700468-1002 - Administrator - Enabled) => C:\Users\betha DefaultAccount (S-1-5-21-1413426085-2912600488-2307700468-503 - Limited - Disabled) Guest (S-1-5-21-1413426085-2912600488-2307700468-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1413426085-2912600488-2307700468-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ABS PDF Install (HKLM-x32\...\{C42DD564-7DCD-4555-A7F3-15C0F46221D0}) (Version: 4.2.2 - Atlas Business Solutions, Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software) Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.10.5430.1950 - Avast Software) Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Chrome Remote Desktop Host (HKLM-x32\...\{D37959D7-227D-481D-95E1-F28C556215AA}) (Version: 90.0.4430.26 - Google LLC) Deepteep (HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\Deepteep) (Version: 1188.0.0 - Deepteep) Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP) Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Dell OSD (HKLM-x32\...\Dell OSD_is1) (Version: 1.4.3 - Dell Inc.) Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell) Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.) Dell Update - SupportAssist Update Plugin (HKLM\...\{77C86F54-9452-4EB6-B4C3-8A57FBF72D2B}) (Version: 4.4.0.9836 - Dell Inc.) Hidden Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{d2a00335-3e50-405c-8c5d-32e2a636bbe1}) (Version: 4.4.0.9836 - Dell Inc.) Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.2 - Dell Inc.) Driver Support One (HKLM-x32\...\DSOne) (Version: 1.4.7432.35078 - Asurvio, LP) <==== ATTENTION DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.06.00 - Seiko Epson Corporation) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation) Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) Epson WF-7710_7720 Guide (HKLM-x32\...\UsersGuideEpson WF-7710_7720 Guide_is1) (Version: 1.0 - Epson America,Inc.) EPSON WF-7720 Series Printer Uninstall (HKLM\...\EPSON WF-7720 Series) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) GlanceGuest version 4.2.0.38 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.2.0.38 - Glance Networks, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC) GoTo Opener (HKLM-x32\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{52DA40D6-6EF4-4B28-B501-FC538ECE638C}) (Version: 19.01.1627.3533 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20360 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.68 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20360 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SmartByte Drivers and Services (HKLM\...\{CAFD2E75-129F-42AD-8258-0FC494ACBD8E}) (Version: 2.5.719 - Rivet Networks) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) ZipCruncher (HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\ZipCruncher) (Version: 995.0.0 - ZipCruncher) Zoom (HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.45.0_x64__htrsf667h5kn2 [2020-10-14] (Dell Inc) Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-07-22] (Dell Inc) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-04-06] (Dell Inc) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220 [2021-03-19] (Dolby Laboratories) Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-16] (Dropbox Inc.) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.) Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-14] (Netflix, Inc.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-29] (Microsoft Corporation) Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-02-04] (Plex) Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-09] (CYBERLINK CORPORATION.) Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-10-14] (CYBERLINK CORPORATION.) [Startup Task] PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-08-19] (CYBERLINK CORPORATION.) SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.958.0_x64__rh07ty8m5nkag [2021-01-13] (Rivet Networks LLC) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-02] (Spotify AB) [Startup Task] SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2018-03-27] (Dell Inc.) Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-12-01] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxDTCM.dll [2021-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\betha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ==================== Loaded Modules (Whitelisted) ============= 2021-04-06 16:39 - 2021-04-06 16:39 - 000114176 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_ctypes.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000172544 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_elementtree.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 002255872 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_hashlib.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000032256 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_multiprocessing.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000046080 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_psutil_windows.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000047616 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_socket.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 002824704 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_ssl.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000026112 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\_yappi.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000080896 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\bz2.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000015872 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\common.time34.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000007680 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\hashobjs_ext.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000301568 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\PIL._imaging.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000168448 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\pyexpat.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 001084416 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\pysqlite2._sqlite.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000548864 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\pythoncom27.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 000137728 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\pywintypes27.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 000010752 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\select.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000020992 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\thumbnails_ext.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000689664 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\unicodedata.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000119808 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\usb_ext.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000128512 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32api.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000438784 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32com.shell.shell.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000011776 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32crypt.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000023040 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32event.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000149504 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32file.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000223232 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32gui.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000048128 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32inet.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000029696 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32pdh.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000027648 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32pipe.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000044032 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32process.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000020480 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32profile.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000136192 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32security.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000026624 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\win32ts.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000034304 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\windows.conditional.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000037888 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\windows.connectivity.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000071680 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\windows.device_monitor.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000103936 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\windows.volumes.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000019968 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\windows.winwrap.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 001325056 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._controls_.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 001489408 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._core_.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 001007104 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._gdi_.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000103424 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._html2.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 000916992 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._misc_.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 001039872 _____ () [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wx._windows_.pyd 2021-04-06 16:39 - 2021-04-06 16:39 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\python27.dll 2019-03-07 10:24 - 2019-03-07 10:24 - 000102400 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll 2020-05-07 19:10 - 2020-05-07 19:10 - 001564160 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Driver Support One\SQLite.Interop.dll 2021-01-09 08:35 - 2021-01-09 08:35 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll 2017-02-13 15:54 - 2017-02-13 15:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000096768 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL 2020-01-16 10:54 - 2019-10-31 01:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll 2020-01-16 10:54 - 2019-10-30 10:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll 2020-01-16 10:54 - 2019-10-31 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxbase30u_net_vc90_x64.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxbase30u_vc90_x64.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxmsw30u_adv_vc90_x64.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxmsw30u_core_vc90_x64.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxmsw30u_html_vc90_x64.dll 2021-04-06 16:39 - 2021-04-06 16:39 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\betha\AppData\Local\Temp\_MEI70442\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE SearchScopes: HKU\S-1-5-21-1413426085-2912600488-2307700468-1002 -> DefaultScope {F4E9E35C-F374-43E7-A85F-B9C9F5EF25B8} URL = hxxp://go.deepteep.com/?7A6A55FB3EF22D49979E8F30948415DD=H1xAXFBMX1daU1QNEQQwBw9cQ1lQTV5fXFNBWlFFXl1fUFQJDB0LUyknNy4nNikoW1FCVVFCKldLQVJMQVQlPFpRQlwjOl5aOSwzKVVAX11ZIkNUIEcuVg&q={searchTerms} SearchScopes: HKU\S-1-5-21-1413426085-2912600488-2307700468-1002 -> {75040C58-3643-43CF-9B84-7A441061963F} URL = SearchScopes: HKU\S-1-5-21-1413426085-2912600488-2307700468-1002 -> {F4E9E35C-F374-43E7-A85F-B9C9F5EF25B8} URL = hxxp://go.deepteep.com/?7A6A55FB3EF22D49979E8F30948415DD=H1xAXFBMX1daU1QNEQQwBw9cQ1lQTV5fXFNBWlFFXl1fUFQJDB0LUyknNy4nNikoW1FCVVFCKldLQVJMQVQlPFpRQlwjOl5aOSwzKVVAX11ZIkNUIEcuVg&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-03-18 15:03 - 2019-01-04 03:27 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-1413426085-2912600488-2307700468-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg DNS Servers: 100.120.200.1 - 75.75.75.75 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{33271572-FA95-402E-8065-C09911D992D5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{FA8FF2D2-04FD-4F68-8CDB-1286B94CAEE8}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{4BEF4AB1-5A53-4F95-9349-0C76297FA0AF}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{D67611C3-5B14-4F2D-AEEA-F31728AC4A84}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{F8383C2E-7AA6-4128-B94D-E0B38E21E0C8}] => (Allow) C:\Users\betha\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B3F1CF9B-DC1E-4822-988A-1348A6C16C1E}] => (Allow) C:\Users\betha\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1BB69708-741E-4661-ACE3-DE660BDFB6B7}] => (Allow) C:\Users\betha\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{33AB3A00-52A4-4BD0-94CE-56DA969C191D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2BC7B766-5590-4983-87ED-56DD6F8862F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FADCCC91-275F-4507-8A39-6DB9FEB396B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9526E235-1E0F-48C7-B957-B01C3A63768D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6C308E27-DB7C-48DF-BAB3-E1EB81E92122}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{ACF48524-36A4-4DA1-8A51-5592DEA09BFD}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\90.0.4430.26\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{DBE220E9-2341-4992-B5E9-068ACCDF2618}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{0FF324CB-D2F8-4834-BA90-DF09C5E936A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C93B37EA-3C85-4284-962E-D962E661A382}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{92AE108A-09CC-489F-8BA8-6B885FA85025}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4656C596-4B10-413D-82FE-D6EB550D688D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6317B6BF-384A-486F-B310-E355084DB63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{ABDBB239-0165-43A0-BE37-0AF1A25B1C4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A3EAA007-8AAB-4C55-B287-5F0C220BB3BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B435D829-6722-42E4-A421-34F9962C2253}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EA5BD369-0FA6-4315-A76F-381F630330C0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 18-03-2021 10:39:06 Scheduled Checkpoint 28-03-2021 10:19:18 Scheduled Checkpoint 05-04-2021 10:50:16 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (04/06/2021 04:47:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: invcol.exe, version: 0.0.0.0, time stamp: 0x6069d067 Faulting module name: icsvc32.dll, version: 9.5.1.1, time stamp: 0x6069d065 Exception code: 0xc0000005 Fault offset: 0x0000207c Faulting process id: 0x30c8 Faulting application start time: 0x01d72b36d2913713 Faulting application path: C:\WINDOWS\TEMP\inv7CCB_tmp\invcol.exe Faulting module path: C:\WINDOWS\TEMP\inv7CCB_tmp\icsvc32.dll Report Id: 9fc2082f-c99b-459d-b470-ade2e7a96624 Faulting package full name: Faulting package-relative application ID: Error: (04/06/2021 04:47:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: invcol.exe, version: 0.0.0.0, time stamp: 0x6069d067 Faulting module name: icsvc32.dll, version: 9.5.1.1, time stamp: 0x6069d065 Exception code: 0xc0000005 Fault offset: 0x0000207c Faulting process id: 0x2ca0 Faulting application start time: 0x01d72b36cee22836 Faulting application path: C:\WINDOWS\TEMP\inv66E2_tmp\invcol.exe Faulting module path: C:\WINDOWS\TEMP\inv66E2_tmp\icsvc32.dll Report Id: 8f0dc985-697f-4c31-a128-578d23abeff7 Faulting package full name: Faulting package-relative application ID: Error: (04/06/2021 04:44:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: DeliveryService.exe, version: 3.5.2013.0, time stamp: 0x5d025c33 Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0xb610d74d Exception code: 0xe0434352 Fault offset: 0x0012a8b2 Faulting process id: 0x2b44 Faulting application start time: 0x01d72b35e01256cd Faulting application path: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 1fb68522-96f7-4c45-b633-14a4df4e5625 Faulting package full name: Faulting package-relative application ID: Error: (04/06/2021 04:44:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: DeliveryService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at Dell.ClientFulfillmentService.ClientFulfillmentService.RetrieveAppConfig() at Dell.ClientFulfillmentService.ClientFulfillmentService.ProcessAppConfig() at Dell.ClientFulfillmentService.ClientFulfillmentService.InitializeService(System.Object) at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.TimerQueueTimer.CallCallback() at System.Threading.TimerQueueTimer.Fire() at System.Threading.TimerQueue.FireNextTimers() at System.Threading.TimerQueue.AppDomainTimerCallback(Int32) Error: (04/06/2021 04:00:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/06/2021 02:11:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/06/2021 01:09:47 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/05/2021 12:02:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 System errors: ============= Error: (04/06/2021 04:44:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/06/2021 04:43:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The cpuz136 service failed to start due to the following error: This driver has been blocked from loading Error: (04/06/2021 04:43:49 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: cpuz136_x64.sys Error: (04/06/2021 04:42:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Dell Digital Delivery Service service hung on starting. Error: (04/06/2021 04:40:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6VQERA5) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (04/06/2021 04:40:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Client Management Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/06/2021 04:40:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Client Management Service service to connect. Error: (04/06/2021 04:40:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Help & Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. CodeIntegrity: =============== Date: 2021-04-06 17:07:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Dell Inc. 2.5.0 01/26/2018 Motherboard: Dell Inc. 0FKYCM Processor: Intel(R) Core(TM) i7-7700T CPU @ 2.90GHz Percentage of memory in use: 46% Total physical RAM: 12185.13 MB Available physical RAM: 6506.59 MB Total Virtual: 14041.13 MB Available Virtual: 8231 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.6 GB) (Free:854.14 GB) NTFS \\?\Volume{e1c1414a-9f1f-4687-8b5a-6dda6e59cfec}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS \\?\Volume{ab306ad3-2175-4038-a911-36e1eb824cd9}\ (Image) (Fixed) (Total:11.61 GB) (Free:0.17 GB) NTFS \\?\Volume{495d1a6e-ccda-4192-9635-160372e065c1}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.49 GB) NTFS \\?\Volume{5284cf8a-2ea7-42ad-9fb5-545712fe2f79}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.41 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0F30B1CE) Partition: GPT. ==================== End of Addition.txt =======================