Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021 Ran by erine (22-09-2021 10:33:42) Running from C:\Users\erine\Desktop Windows 10 Home Version 20H2 19042.1165 (X64) (2020-11-01 09:09:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3707107645-3133845480-1438675409-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3707107645-3133845480-1438675409-503 - Limited - Disabled) erine (S-1-5-21-3707107645-3133845480-1438675409-1001 - Administrator - Enabled) => C:\Users\erine Guest (S-1-5-21-3707107645-3133845480-1438675409-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3707107645-3133845480-1438675409-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated) Amazon Kindle (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon) Avid Link (HKLM\...\{852D24C6-60A0-4822-B05D-A005A6CD2F87}) (Version: 20.3.0.1213 - Avid Technology, Inc.) Cisco Webex Meetings (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\ActiveTouchMeetingClient) (Version: 41.1.3 - Cisco Webex LLC) Comcast Business VoiceEdge Companion (HKLM-x32\...\B14ACF74-0DA5-4DEC-813B-6E5902DC6DAB_is1) (Version: 4.1.0 - Comcast Business) Coolmuster Android Assistant (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Coolmuster Android Assistant) (Version: 4.3.497 - Coolmuster) Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP) Dell Mobile Connect Drivers (HKLM\...\{913C378B-00FC-429C-BCC4-E7B2EC6679C7}) (Version: 1.2.6266 - Screenovate Technologies Ltd.) Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.) Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 131.4.3968 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden Dynamic Application Loader Host Interface Service (HKLM\...\{90BC69B6-C3DD-45E3-B2EE-354635A0329B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Ensemble Anthem (HKLM-x32\...\{DAC7A13A-4B6E-4697-8F4E-EA9836F34EBC}) (Version: 2.7.0 - Ensemble Video) Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 3.00 - NCH Software) G*Power 3.1.9.7 (HKLM-x32\...\{FA3666A9-FF30-4777-B906-305B1EF0486E}) (Version: 3.1.97 - Franz Faul, Uni Kiel, Germany) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC) GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.) GoToMeeting 10.17.0.19796 (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\GoToMeeting) (Version: 10.17.0.19796 - LogMeIn, Inc.) HLM 8.00 for Windows (Student) (HKLM-x32\...\{9E3FCEEE-3163-4946-A8AB-C97F4F70DD12}) (Version: 8.00 - SSI, Inc.) IBM SPSS Statistics (HKLM\...\{DC8AD675-36E2-44AD-8FB9-FA069BEAC190}) (Version: 28.0.0.0 - IBM Corp) IBM SPSS Statistics 27 (HKLM\...\{8EAD21F8-AD8B-4C6F-ABE6-92357CAB043E}) (Version: 27.0.0.0 - IBM Corp) Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2110.15.0.2210 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden iSkysoft iTransfer ( Version 4.3.1 ) (HKLM-x32\...\{84A89F3A-B59A-4324-8598-3611853769C8}_is1) (Version: 4.3.1 - iSkysoft) LeapFrog Connect 2 (HKLM-x32\...\LeapFrogConnect2) (Version: 4.0.22.435 - LeapFrog) LeapFrogConnect2 (HKLM-x32\...\{E713461D-C80C-4E84-B53D-B351E9FD8EBA}) (Version: 4.0.22.435 - LeapFrog) Hidden LeapStart (HKLM-x32\...\{86F8863C-5B13-4809-B154-A6F2F75A680C}) (Version: 4.0.24.437 - LeapFrog) Hidden Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes) Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.) Meraki Systems Manager Agent (HKLM\...\{573BE5A2-40E9-4C53-A744-CD352DBCC0C1}) (Version: 3.1.1 - Meraki) Meraki Systems Manager Agent (HKLM-x32\...\{BCD00ACA-E928-48E3-BE0E-342F052BDA5C}) (Version: 1.0.98 - Meraki) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation) Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.68.39605 - Electronic Arts, Inc.) Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive) Positive Grid USB Audio Device Driver v4.80.0 (HKLM-x32\...\Software_PositiveGrid_PositiveGrid_UsbAudio_Driver_Setup) (Version: 4.80.0 - Positive Grid) QT5.10.1 (HKLM-x32\...\{D648CC39-D39C-445B-AEB7-213632704032}) (Version: 1.0.0.0 - LeapFrog) Hidden Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9155.1 - Realtek Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.) RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden Sibelius (HKLM\...\{6E8787BE-2DCD-4212-BCE3-62F0D1890CB5}) (Version: 20.3.0.2503 - Avid Technology) Sibelius OpenType Fonts (HKLM-x32\...\{797B694A-E317-4405-A512-76A91A50243F}) (Version: 20.1.0 - Avid) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation) Use the entry named LeapFrog Connect2 to uninstall QT5.10.1 (HKLM-x32\...\QT5.10.1) (Version: - LeapFrog) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WatchGuard Mobile VPN with SSL client 11.7.3 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version: - WatchGuard) Zoom (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\ZoomUMX) (Version: 5.7.8 (1247) - Zoom Video Communications, Inc.) Zoom Outlook Plugin (HKLM-x32\...\{2C9A4261-9CAB-4FF1-AC5A-AC436FBB4F48}) (Version: 5.4.58474 - Zoom) Packages: ========= Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2110.1.0_x86__kgqvnymyfvs32 [2021-09-17] (king.com) Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc) Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc) Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task] Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-22] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-12] (Dell Inc) Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-02] (Fitbit) Golden Farm -> C:\Program Files\WindowsApps\4ACEF246.GoldenFarm_2.4.16.0_x86__05g3z837ka020 [2021-08-14] (ПлейМи8) Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task] Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-22] (INTEL CORP) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-02] (LinkedIn) LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.0.10.0_x64__rx5mtpcf576t0 [2021-09-21] (LiquidText) Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-26] (CYBERLINK CORPORATION.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad] MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation) My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation) Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.) Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task] PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-12-02] (CYBERLINK CORPORATION.) SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0 [2021-09-21] (Spotify AB) [Startup Task] Township -> C:\Program Files\WindowsApps\PLRWORLDWIDESALES.TOWNSHIP_2021.852.1.0_x64__1feq88045d2v2 [2021-09-01] (Playrix) Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-12-02] (Waves Audio) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-88A2-3539-1A94673CEAB1} -> [OneDrive - erikson.edu] => C:\Users\erine\OneDrive - erikson.edu [2020-05-18 12:16] CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-E4DB-C5EA-728D92C7BD4B} -> [erikson.edu] => C:\Users\erine\erikson.edu [2019-10-04 15:11] CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\erine\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\erine\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll => No File CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\erine\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll => No File CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\erine\Dropbox [2019-01-04 18:11] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\erine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Erin (erikson.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============= 2019-05-23 15:57 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE SearchScopes: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001 -> DefaultScope {76BA70CC-4A17-4886-9A3D-AB84718B94D9} URL = SearchScopes: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001 -> {76BA70CC-4A17-4886-9A3D-AB84718B94D9} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\sharepoint.com -> hxxps://erikson-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.12.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "Avid Link.lnk" HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "LeapFrog Connect 2 Launcher" HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{82FE4774-7537-40D4-8C40-CB1E04F8B9DB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{91265713-1BBB-4EFD-918E-8AC3F172D293}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{D41C67E6-5EF9-4387-8E7A-C0CFF6A70183}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{FCB196ED-7F09-493B-851D-F7D005EA342D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{797D1683-93F2-436A-AE46-8A6C03D3A99F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{4ECB768A-7AEF-40C0-9735-7184D93F5FCD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{8069A8E5-D2BD-483C-BFDE-58870785C960}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{4FEEDD4D-FF92-4455-AB6E-544F7BE57D8D}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.) FirewallRules: [{68C5941B-BF1D-4ADB-A299-5AB0E491DF27}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe FirewallRules: [{AB8C8466-A433-4B37-B535-F8F64B6B4F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> ) FirewallRules: [{2E5D5CE8-C96E-46E3-ADF3-4AF738FB6404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> ) FirewallRules: [{1BB45BF6-C2F6-4DB2-A81E-1BA2C8322294}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{27D0D49B-7299-46BD-B764-15D687BF7D06}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{EEE394CF-2D2F-483E-8613-AD38FBEBEC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.) FirewallRules: [{0EA081DF-F331-4613-A022-4BE8354C329D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.) FirewallRules: [UDP Query User{0AADBF99-E49A-470A-84C3-A445CF235D41}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{AC25FB74-84CA-4847-B09F-F7143197E990}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ABA2EB13-5D2C-455F-A3AE-5BE0DF5C195F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{8DE8C12E-51DB-4280-989B-EEFF1931C5C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{4BEC8F64-4607-4E9B-A209-00688A19FDB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> ) FirewallRules: [{97DA9C1D-F386-4B7A-A99C-1440A2C154F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> ) FirewallRules: [{E93034E9-9443-476F-964D-6C5070F1ADD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{B6622C3D-3707-43DA-B5A6-8599CDF72043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{C6E35B94-22E1-4229-A500-6FC32A0EBC45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{C18BFC5B-68EE-4237-8C85-1EA1B0C4C2BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{6764EA49-E091-42EE-B6F3-3BE87A88721A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{E4D706BE-7FF3-478D-AF73-1B17D9A2BF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{B985B362-BDB3-493B-A206-970E2D1323DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> ) FirewallRules: [{2477E48C-20B1-4E19-9D7B-CCB9553EBC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> ) FirewallRules: [{0B9FD753-8363-40B2-8B92-99E6F08055CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed] FirewallRules: [{699FC05B-C7B0-4A70-9C5C-EB0CC7F720B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed] FirewallRules: [{8C1F622C-3C47-4EE0-8AA2-9323509AE855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{F249F148-5AD5-4D87-9EC1-35DAFD5ADFCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{557977B2-27B4-4457-9E98-F49B3A008420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{906D40C6-E3B1-4580-AA51-BA445A074AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{B5A938DB-9C46-4F71-A42E-1CB98406DA81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B8486867-0FE5-4ACA-946A-D213304AA51C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{DDE83877-17D5-4FDF-AAA5-2D3FE2B62307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed] FirewallRules: [{6922417B-4AB2-4EC0-A47B-58C9593DAA1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed] FirewallRules: [{714773E4-E0B5-4EA0-80E8-F0D156B1F696}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{269078E5-3A6D-4519-8182-0AA78896E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [{4CA29012-B83A-4ECA-BE17-0B6F76173FC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{80C230DC-C372-422C-A7C1-0295487EB577}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3062A725-8B8C-4737-B938-5159C1F8BAD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.11001.20108.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4A20DCD7-4621-4B9E-9666-2E2CD79C6839}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6DAE79D6-5676-41DA-BCDD-E6C03E7C3FA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{035DEDDF-E79A-4167-A583-3A47054DA3F7}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{52931BB2-AD5A-4E2A-8DE6-182F3D8DC90A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{AB766514-604C-4DBA-B002-D77B73A1E6E6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{5EF13515-3723-47F2-ABCA-E745246AB2D4}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed] FirewallRules: [UDP Query User{58E11E2C-C253-47C7-B49D-DA8F227979B3}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed] FirewallRules: [{50E43B59-7084-4D0D-AF62-5B4802508B2C}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed] FirewallRules: [{E2F0F573-400B-4772-9EBA-FA4DF606A905}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed] FirewallRules: [TCP Query User{B7C35C69-7505-49A3-B2A1-BDC75CE23223}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{113914F1-ED21-4DF8-BFBD-47BFD1943831}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1EE83D3B-715B-4A07-926A-99F07DC5D87F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{6914C75B-8A33-4BCF-B2B6-B5154E370D8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{60087F19-41E9-4B83-92BF-42AE0E96B285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed] FirewallRules: [{1343FBE2-EFFA-4694-83C4-0CE004845964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed] FirewallRules: [{D6308340-01AB-4E9A-BC95-11D14026AC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed] FirewallRules: [{F0C93BA6-F6E2-4424-AB6F-549AA0FC9D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed] FirewallRules: [{5D4C5A9A-4F5F-4CF0-AD0C-B53668077E2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{38F9008D-0333-4593-8D78-237A27B56288}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{03D065CB-622F-4E20-8916-59BD6A83C25A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3447EA05-5783-4ED3-A145-4B43571A4077}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{7D391528-ED0B-4F09-8452-1B86A3F8EB2B}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [UDP Query User{2AADF3EC-9353-4232-8BE2-A03C5781AFD4}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [{28640029-1CB6-4D5C-81DE-C33AEC9B3847}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed] FirewallRules: [{DCB7C2BF-466C-4C00-8EAE-986689CBAD46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed] FirewallRules: [{C3F05293-542D-4C51-B121-6B5474AD6FEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{02CABF53-34E9-488A-B187-CED93CD9B622}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DACE35D2-C9F0-4EB3-BE17-105B184B48BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BC9A486B-FA76-4F4A-9C74-A35561D69EED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{35F2DB8B-1539-4BF6-8E5E-E0C5FC99605A}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{8FAD2BBC-9476-47FB-9E15-346CDBAEB1BD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{BED2FFDD-8169-4996-B79C-C8212D6212CD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B6049CDA-5875-4617-8BF7-9A052CCCEC06}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{B30F5F60-7015-4799-91EB-778700102F8B}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [UDP Query User{A9FFD051-8FCD-44A3-B952-F3AF195157F7}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{CEB8091C-CE29-4B1B-B89B-4FA0EF24556F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{BCF0346C-9AA7-40EC-9DCA-DFC1B31F2051}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D79B315C-64F6-49A7-8C52-FAE75805F7D6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B7ECE8BB-8957-4159-B2DB-DE026CE96113}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) FirewallRules: [{8D4CA353-B546-48D8-A235-1E2D885A2337}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) FirewallRules: [{40394BF5-5196-4947-AE3B-3EDF46B64C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A5E8B12E-FA20-4482-8BAC-49D0E2880C85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{63221326-276E-4796-8B87-150213399625}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0BF43371-7FCC-4158-AE9E-B3D9A440C2FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E5ADA3B3-A36D-4E54-94F2-7889FDB3F8CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6F6AA52A-28E5-4C70-98A7-7D3D2B0DF0C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0CA07BD8-3AD6-4374-B338-87F089463A35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8C2CF675-8869-479A-B613-C094EB2F2CF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Restore Points ========================= 07-09-2021 20:41:19 Scheduled Checkpoint 16-09-2021 05:16:01 Scheduled Checkpoint 21-09-2021 14:08:47 Windows Modules Installer 21-09-2021 18:20:17 Restore Operation ==================== Faulty Device Manager Devices ============ Name: DCP-L2540DW Description: DCP-L2540DW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (09/22/2021 02:19:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY) Description: Application or service 'Intel(R) Dynamic Application Loader Host Interface Service' could not be restarted. Error: (09/22/2021 02:19:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY) Description: Application or service 'Intel(R) Management and Security Application Local Management Service' could not be restarted. Error: (09/22/2021 01:45:59 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (09/22/2021 01:37:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mcafee-security.exe version 2.1.67.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2b50 Start Time: 01d7af7babf2cf9f Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.exe Report Id: 725dfc50-c2f2-4226-89f4-6d6dd0bacae6 Faulting package full name: 5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy Faulting package-relative application ID: App Hang type: Quiesce Error: (09/22/2021 01:18:19 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (09/22/2021 01:18:19 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (09/22/2021 01:06:54 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (09/22/2021 12:00:10 AM) (Source: System Restore) (EventID: 8204) (User: ) Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Scheduled Checkpoint). System errors: ============= Error: (09/22/2021 04:21:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/22/2021 04:21:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect. Error: (09/22/2021 02:39:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/22/2021 02:39:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect. Error: (09/22/2021 01:26:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (09/22/2021 01:26:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect. Error: (09/22/2021 01:17:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF) Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout. Error: (09/22/2021 12:04:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Dell Digital Delivery Service service hung on starting. Windows Defender: ================ Date: 2021-09-21 18:03:01 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Mp3Rocket&threatid=228684&enterprise=0 Name: PUA:Win32/Mp3Rocket Severity: Low Category: Potentially Unwanted Software Path: file:_F:\mp3rocket.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\explorer.exe Security intelligence Version: AV: 1.349.1181.0, AS: 1.349.1181.0, NIS: 1.349.1181.0 Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10 Date: 2021-09-19 15:15:17 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-18 13:34:30 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-17 18:05:25 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-16 14:05:30 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-21 13:21:48 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.349.1082.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18500.10 Error code: 0x80240022 Error description: The program can't check for definition updates. Date: 2021-09-17 05:06:35 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.349.890.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18500.10 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2021-09-17 05:06:35 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.349.890.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18500.10 Error code: 0x80070102 Error description: The wait operation timed out. CodeIntegrity: =============== Date: 2021-09-22 02:06:46 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Installer\MSI307B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-06-27 03:15:28 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: Dell Inc. 2.19.0 07/14/2021 Motherboard: Dell Inc. 0H4VK7 Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz Percentage of memory in use: 54% Total physical RAM: 12110.39 MB Available physical RAM: 5482.63 MB Total Virtual: 13966.39 MB Available Virtual: 5645.01 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.19 GB) (Free:660.36 GB) NTFS Drive f: (ErinsPassport) (Fixed) (Total:465.73 GB) (Free:424.74 GB) NTFS \\?\Volume{0dc063a1-69be-4be6-ab33-f9d07fccda34}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.5 GB) NTFS \\?\Volume{98dc49b9-304f-4b24-a15e-39dc3c620e5c}\ (Image) (Fixed) (Total:11.52 GB) (Free:0.23 GB) NTFS \\?\Volume{792f05df-4929-4744-8772-a75e1c906fe3}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS \\?\Volume{afe7b3d6-a805-42cc-8e1f-b11ce3a3cae9}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 32F8F15B) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183) Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================