Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021 Ran by User (22-09-2021 12:38:25) Running from C:\Users\User\Downloads Windows 10 Home Version 21H1 19043.1237 (X64) (2020-09-11 13:41:52) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-139916497-3742323812-500074900-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-139916497-3742323812-500074900-503 - Limited - Disabled) Guest (S-1-5-21-139916497-3742323812-500074900-501 - Limited - Disabled) jtxqbdzueqsz (S-1-5-21-139916497-3742323812-500074900-1006 - Limited - Enabled) uhtpffyxya (S-1-5-21-139916497-3742323812-500074900-1002 - Limited - Disabled) User (S-1-5-21-139916497-3742323812-500074900-1001 - Administrator - Enabled) => C:\Users\User WDAGUtilityAccount (S-1-5-21-139916497-3742323812-500074900-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440} AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated) Adobe Connect (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.4.1 - Advanced Micro Devices, Inc.) ANT Drivers Installer x64 (HKLM\...\{13411D72-7171-440B-978A-ECAA06920C4C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Clickatell COM-API 2.0.0.42 (HKLM-x32\...\Clickatell COM-API_is1) (Version: 2.0.0.28 - ) CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.) Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.) Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.2.1 - Dell Inc.) DigitalPersona One Touch for Windows RTE (HKLM\...\{56A3C0AF-051E-434D-9106-47B255B3AD4A}) (Version: 1.6.1.965 - DigitalPersona, Inc.) DinoCapture 2.0 (HKLM-x32\...\DinoCapture 2.0) (Version: 1.5.37.A - AnMo Electronics Corporation) Dino-Lite 2xx Driver (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.21.2.0 - AnMo Electronics Corporation) DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden Edge3 Driver 1.0.0.3 (HKLM\...\Edge3 Driver_is1) (Version: 1.0.0.3 - Edge3 Driver) Elevated Installer (HKLM-x32\...\{4E108B93-9865-45BF-A565-865AE20AC7FC}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries) Hidden ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 14.2.24.0 - ESET, spol. s r.o.) Garmin Express (HKLM-x32\...\{D646C2CC-7782-4B95-B1C8-D9503409A40A}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{ffecb7df-db17-4a27-9f6b-d61ba2d7bcff}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC) HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{0e6a18a2-ea36-4041-9f69-0b2cc3f04f88}) (Version: 20.10.1 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation) iTunes (HKLM\...\{653C59E1-B78D-4D82-9259-C14DFD9F6EFC}) (Version: 12.11.3.17 - Apple Inc.) Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2379 - GenesysLogic) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\Teams) (Version: 1.3.00.26064 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) MindManager 21 (HKLM\...\{2FDA5D9D-60C0-4014-BB7E-2A74B1D7AF21}) (Version: 21.0.261 - Corel Corporation) Mozilla Firefox 61.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.2 (x64 en-US)) (Version: 61.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Pastel Partner Version 12 (HKLM-x32\...\{4FDDC2F0-4F85-4CFF-96FA-8281D5B7201F}) (Version: 12.1.6 - Sage Pastel) Pervasive System Analyzer (HKLM-x32\...\Pervasive System Analyzer) (Version: - ) Pervasive.SQL 9.60 Workgroup for Windows (HKLM-x32\...\{D8C0330E-C815-4C6F-9BFD-0FD570155790}) (Version: 9.60.016.000 - Pervasive Software Inc. ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.050.0511.2021 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) Sage Connected Services (HKLM-x32\...\{DF8DA097-ABE2-4A94-8396-D51CD51181C6}) (Version: 1.00.13 - Softline Pastel) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) WhatsApp (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\WhatsApp) (Version: 2.2100.4 - WhatsApp) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Zoom (HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.) Zwift version 1.0.50 (HKLM-x32\...\{E4DA422A-82AB-44A4-B3A5-0AF60F47B7AB}_is1) (Version: 1.0.50 - Zwift, LLC) Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.202.400.0_x86__kgqvnymyfvs32 [2021-09-20] (king.com) Classic Cars PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ClassicCarsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-13] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.2.2.0_x86__htrsf667h5kn2 [2021-09-13] (Dell Inc) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.2.17.0_x86__h6adky7gbf63m [2021-09-14] (Gameloft SE) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-04-17] (Facebook Inc) Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2020-04-25] (Flipboard) Garmin Connect Mobile -> C:\Program Files\WindowsApps\Garmin.GarminConnectMobile_3.24.1.0_x64__xpnz26pswwvpm [2018-05-21] (GARMIN INTERNATIONAL INC) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-19] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-09-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-07] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.53.42573.0_x64__8wekyb3d8bbwe [2021-09-20] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10913.5785.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Corporation) Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.1101.0_x64__8wekyb3d8bbwe [2021-08-16] (Microsoft Studios) MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-05-23] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-05-23] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-05-23] (Microsoft Corporation) [MS Ad] Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) Stunning Cityscapes -> C:\Program Files\WindowsApps\Microsoft.StunningCityscapes_1.0.0.0_neutral__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-15] (Twitter Inc.) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2134.10.0_x64__cv1g1gvanyjgm [2021-09-06] (WhatsApp Inc.) World of Tanks Blitz Assistant -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitzAssistant_1.9.0.0_x64__x4tje2y229k00 [2018-08-26] (Wargaming Group Limited) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-139916497-3742323812-500074900-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-08-31] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-08-31] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-04-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-08-31] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2020-07-27 11:23 - 2020-07-27 11:23 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2014-02-26 09:11 - 2014-02-26 09:11 - 000297984 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2014-02-26 09:11 - 2014-02-26 09:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2000-08-29 02:19 - 2000-08-29 02:19 - 000401462 _____ (Microsoft Corporation) [File not signed] C:\PVSW\bin\MSVCP60.dll 2006-02-23 04:48 - 2006-02-23 04:48 - 000786481 _____ (Pervasive Software Inc.) [File not signed] C:\PVSW\bin\pscl2.dll 2006-02-23 04:39 - 2006-02-23 04:39 - 000258099 _____ (Pervasive Software Inc.) [File not signed] C:\PVSW\bin\pscore2.dll 2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll 2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-07-27 11:23 - 2020-07-27 11:23 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll 2021-09-16 12:22 - 2020-09-25 05:31 - 000060416 _____ (飘云阁论坛官方出品) [File not signed] C:\Program Files\MindManager 21\msimg32.dll 2021-09-16 12:22 - 2020-09-25 05:31 - 000074240 _____ (飘云阁论坛官方出品) [File not signed] C:\Program Files\MindManager 21\UxTheme.dll 2021-09-16 12:22 - 2020-09-25 05:31 - 000060928 _____ (飘云阁论坛官方出品) [File not signed] C:\Program Files\MindManager 21\VERSION.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-139916497-3742323812-500074900-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.moneyweb.co.za/ SearchScopes: HKU\S-1-5-21-139916497-3742323812-500074900-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = SearchScopes: HKU\S-1-5-21-139916497-3742323812-500074900-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\MindManager 21\Mm8InternetExplorer.dll [2020-09-18] (Corel Corporation -> Mindjet) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-27] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2017-05-24 22:38 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\PVSW\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\User\AppData\Local\Microsoft\WindowsApps;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-139916497-3742323812-500074900-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "DpTsClnt" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "MMReminderService" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKLM\...\StartupApproved\Run32: => "Zwift" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 1510 series.lnk" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "Payroll Notification Service" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "GarminExpress" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-139916497-3742323812-500074900-1001\...\StartupApproved\Run: => "Opera Browser Assistant" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C84790BE-29C4-470E-90B8-19FA43D5724C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{8E5E1601-C1CC-4302-A92F-4F1A0DAF8243}] => (Allow) C:\PVSW\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{64BB868C-12A0-4793-BDB0-7BD5661CAA55}] => (Allow) C:\PVSW\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{F5746832-B40B-4EE7-A118-435FF6076806}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{48136D34-39AA-433B-A25C-2BA105B91C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{06BB2BA1-ED30-4D17-9B69-A83066D930E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EDE17428-8AEF-40E9-AEDE-47464C65402F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AA6D1E5C-CE99-4E32-B2CD-25A7E804575C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CD94AEF5-3A51-46BD-8149-8E037B5FAC36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{43EBF6B6-C8BB-4BCF-8360-68AFA6D68BDF}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{06699C44-7CF1-463F-8CEF-E1D399B543A2}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{9B51C9FE-5724-4175-A26D-E489B42E83A1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{42029B5B-566E-4AF5-9EBD-8828EABADB81}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{95C81E23-3011-4BCA-A550-B34FF66B783B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F6428B82-C586-4D67-A09F-B620BE24E681}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1ECB4B14-0329-45D4-B86C-CC45605E38DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{1B2DB937-570F-438D-BA87-F7E1A2DD5ECF}C:\pvsw\bin\w3dbsmgr.exe] => (Allow) C:\pvsw\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [UDP Query User{24BB7436-1A9B-419E-8B61-DFE469809EB0}C:\pvsw\bin\w3dbsmgr.exe] => (Allow) C:\pvsw\bin\w3dbsmgr.exe (Pervasive Software, Inc. -> ) FirewallRules: [{70DB26D0-63C4-4580-9034-6C1FB63D209F}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{0054CCAA-E58B-4859-B84B-311F34638E25}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{7F37A510-5E70-47FE-96D7-CC31C6DE5107}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{9EC78667-14FF-4161-BFDB-7EEDBAFE0815}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FAFC042F-451A-4CF9-B907-9423232F3B10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F900E4E5-D29A-45FF-8755-33AED79456DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D099BAAC-80BD-45E9-9B9C-24B90EFCFF02}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{626F71A2-42C8-46C1-9A76-4A4843AB7692}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A5674E7C-4892-4739-8E9D-80F6A76469EF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{F4BA16EE-2631-47AE-BE10-1A7F3697A7AD}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{7232E452-5736-494A-A378-6555AAA056C9}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{163EFC00-F198-449F-849A-057AA15C1E1C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{6941E0A6-B464-4B90-B09D-50A444E78725}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{036D4D12-620F-4C6B-BCB2-8799B255D1D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{EA642DCF-F376-4F11-8148-40EAB860B6BF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 13-09-2021 15:51:39 Removed SmartByte Drivers and Services. 15-09-2021 10:28:16 Windows Modules Installer 22-09-2021 12:31:12 Removed Java(TM) SE Runtime Environment 6 ==================== Faulty Device Manager Devices ============ Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ======================== Application errors: ================== Error: (09/22/2021 12:39:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x1d3a15e7 Faulting module name: biwinrt.dll, version: 10.0.19041.746, time stamp: 0x57062a91 Exception code: 0xc000027b Fault offset: 0x00000000000053c5 Faulting process id: 0x3ab0 Faulting application start time: 0x01d7af9e0ea651ad Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe Faulting module path: C:\Windows\System32\biwinrt.dll Report Id: 1898a5e3-6735-40c9-b2cf-150eb10d30b6 Faulting package full name: Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 Faulting package-relative application ID: App Error: (09/22/2021 12:30:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (09/22/2021 12:12:58 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Dell) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (09/22/2021 11:57:44 AM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (4112,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 63) of database C:\WINDOWS\system32\SRU\SRUDB.dat (2642 => 2643, 0). Tag: BtNextBadPgnoNextOrBacklink Fatal: 1 Error: (09/22/2021 11:57:44 AM) (Source: ESENT) (EventID: 544) (User: ) Description: svchost (4112,D,27) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 10829824 (0x0000000000a54000) (database page 2643 (0xA53)) for 4096 (0x00001000) bytes failed verification due to a persisted lost flush detection timestamp mismatch. The read operation will fail with error -1119 (0xfffffba1). The flush state on database page 2643 (0xA53) was 2 while the flush state on flush map page 0 (0x0) was 3. If this condition persists, restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem. Error: (09/22/2021 11:57:39 AM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (4112,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 63) of database C:\WINDOWS\system32\SRU\SRUDB.dat (2642 => 2643, 0). Tag: BtNextBadPgnoNextOrBacklink Fatal: 1 Error: (09/22/2021 11:57:38 AM) (Source: ESENT) (EventID: 544) (User: ) Description: svchost (4112,D,27) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 10829824 (0x0000000000a54000) (database page 2643 (0xA53)) for 4096 (0x00001000) bytes failed verification due to a persisted lost flush detection timestamp mismatch. The read operation will fail with error -1119 (0xfffffba1). The flush state on database page 2643 (0xA53) was 2 while the flush state on flush map page 0 (0x0) was 3. If this condition persists, restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem. Error: (09/22/2021 11:57:30 AM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (4112,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 63) of database C:\WINDOWS\system32\SRU\SRUDB.dat (2642 => 2643, 0). Tag: BtNextBadPgnoNextOrBacklink Fatal: 1 System errors: ============= Error: (09/22/2021 12:10:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Energy Server Service queencreek service hung on starting. Error: (09/22/2021 12:05:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/22/2021 12:05:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK service to connect. Error: (09/22/2021 12:05:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Print Scan Doctor Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/22/2021 12:05:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the HP Print Scan Doctor Service service to connect. Error: (09/22/2021 12:03:45 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (:\\.) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898. Error: (09/22/2021 11:48:44 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout. CodeIntegrity: =============== Date: 2021-09-22 12:29:43 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-09-22 12:15:49 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ebehmoni.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-09-22 12:07:25 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Dell Inc. A13 05/27/2019 Motherboard: Dell Inc. Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Percentage of memory in use: 27% Total physical RAM: 16264.96 MB Available physical RAM: 11718.6 MB Total Virtual: 18696.96 MB Available Virtual: 12732.64 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:736.98 GB) NTFS \\?\Volume{0701a8a2-8c4b-4a9c-9512-05155be9c983}\ () (Fixed) (Total:0.77 GB) (Free:0.31 GB) NTFS \\?\Volume{d06ee446-6669-4636-99a6-c35ad2e6135c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 103FF373) Partition: GPT. ==================== End of Addition.txt =======================