This topic is locked
Hi folks. Appears that I caught this off a website two days ago while trying to download an equipment instruction manual (the website address can be forwarded to you if important).
Anyway, almost immediately started getting pop-up windows in lower right corner indicating my computer is infected and I should click on this to remove the infection. It only occurs when I open my browser (Google Chrome) which is what I was using at the time. I have recently opened MS Edge and did not get the same or similar pop-ups. These pop-ups vary in the message and appearance but the intent seems to be identical - alerting me that this pc is infected and I should click on it to fix the problem. Just to be clear I have never clicked on any of these pop-ups
Since the moment when it happened I've run three scans: Superantispyware which found/fixed a lot of issues, MBAM and Windows Security which both turned up nothing. However the problem/infection continues.
I titled this topic as each of the pop-ups contains the same name bestfaustcaptcha.top. I've got a number of screenshots of these pop-ups if that would be helpful.
That's pretty much it. I'll paste the two FRST file scans below.
Thnx in advance for the time.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by scodo (administrator) on SCOTTSOFFICEDES (Dell Inc. XPS 8930) (03-02-2022 08:55:45)
Running from C:\Users\scodo\OneDrive\Desktop\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: scodo
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PowerPanel Personal.exe
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ppped.exe
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\pppServiceMonitor.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(CANON INC. -> CANON INC.) C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe
(Cyber Power Systems, Inc.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppuser.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_de0cf7bbf26b8ed4\aesm_service.exe
(Intel Corporation -> Intel® Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\scodo\AppData\Local\Microsoft\OneDrive\22.012.0116.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Streets & Trips 2013\StreetsOlkShim.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.2008.2277.0_x64__8wekyb3d8bbwe\ScreenSketch.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> Intel Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC. -> CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (No File)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5343664 2015-07-20] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [691056 2015-07-20] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1821240 2014-04-10] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10985776 2022-01-15] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\scodo\AppData\Local\Microsoft\Teams\Update.exe [2459344 2021-12-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\scodo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\scodo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\RunOnce: [Uninstall 22.002.0103.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\scodo\AppData\Local\Microsoft\OneDrive\22.002.0103.0004"
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\MountPoints2: {61fccc5d-8a59-11eb-b98b-004e01b3ca92} - "E:\LaunchU3.exe" -a
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon WSD Language Monitor: C:\WINDOWS\system32\cnnx0_flm.dll [1498112 2014-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PowerPanel Personal.exe.lnk [2021-11-04]
ShortcutTarget: PowerPanel Personal.exe.lnk -> C:\Program Files (x86)\CyberPower PowerPanel Personal\PowerPanel Personal.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ppuser.exe.lnk [2021-11-04]
ShortcutTarget: ppuser.exe.lnk -> C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppuser.exe (Cyber Power Systems, Inc.) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E504EC6-E987-406C-BCCC-7DB406B21256} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2606D4C6-D8E9-4D45-AC91-910CBD50757A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {360AD7A3-F7D9-41B2-BF90-0B00E98B76F8} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4518936 2021-04-25] (IObit CO., LTD -> IObit)
Task: {56A776D6-4D80-44CD-91EC-82D92D959752} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AFC9F8F-997E-4339-AE2E-99A06FF684D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68BC6866-95BE-4BB8-AED8-281F9617FDA1} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {6914382D-E063-4398-8E0F-AB6E70342128} - System32\Tasks\ASC_SkipUac_scodo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
Task: {7A98ECF9-5C18-4D97-9B90-85D9DE5896FD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DB84940-466C-41FF-86A2-55F39FF52757} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {803AED5A-A644-489F-A6BB-459D4BBCEAC4} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (No File)
Task: {960B4130-C05D-4295-8D7D-9E9B12D3FF2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {97850CC1-5C15-4892-94D8-EC860846E902} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-03] (Google LLC -> Google LLC)
Task: {9A4EACDA-6210-4E01-ACC0-38BD8ABE899A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8A1D95B-F23B-44DF-B82E-B4CC6ACD7E78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-03] (Google LLC -> Google LLC)
Task: {CFA0FF18-A828-4765-B758-C0A45CE11706} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1794584 2021-04-14] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {D19065FF-57A8-43CC-B2DC-31FF2E0A3552} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1172360 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFB1CC11-9B04-4E02-B5B2-801BD3743A0C} - System32\Tasks\Software Updater SkipUAC(scodo) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4518936 2021-04-25] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {F2A8652E-260D-490C-A3F3-CE1F7F1FC315} - System32\Tasks\Uninstaller_SkipUac_scodo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7225368 2021-08-24] (IObit CO., LTD -> IObit)
Task: {F5124424-0BF7-4855-8CDB-8D4F62DC102E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0cdb6014-279f-4f7f-843d-dc9d6a3aa7a0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a235eab2-c774-4ff8-bf15-571d48ac6748}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\scodo\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> hxxp://www.google.com/
Edge Notifications: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> hxxps://calendar.google.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\scodo\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-01]
Edge DownloadDir: Default -> C:\Users\scodo\Downloads
Edge Notifications: Default -> hxxps://calendar.google.com
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2087068202-1813543609-1746243882-1002: SkypeForBusinessPlugin-16.2 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2087068202-1813543609-1746243882-1002: SkypeForBusinessPlugin64-16.2 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\scodo\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-08-05]
Chrome:
=======
CHR Profile: C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default [2022-02-03]
CHR DownloadDir: C:\Users\scodo\OneDrive\Desktop
CHR Notifications: Default -> hxxps://bestfaustcaptcha.top; hxxps://robynbauder.securefilepro.com
CHR HomePage: Default -> hxxps://192.168.1.1/login?redirect=%2F
CHR Extension: (Google Drive) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-11-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1263424 2014-08-14] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3996664 2020-01-03] (Acronis International GmbH -> Acronis)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-09-29] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-11] (Dell Inc -> )
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158232 2021-08-04] (IObit CO., LTD -> IObit)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73496 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2360616 2021-05-25] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2756896 2021-05-25] (Rivet Networks LLC -> Rivet Networks)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73488 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed]
R2 PowerPanel Personal Service; C:\Program Files (x86)\CyberPower PowerPanel Personal\ppped.exe [11264 2021-08-03] () [File not signed]
R2 PowerPanel Personal Service Monitor; C:\Program Files (x86)\CyberPower PowerPanel Personal\pppServiceMonitor.exe [1186304 2021-08-03] () [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6847712 2014-09-13] (Acronis International GmbH -> Acronis)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [74016 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [74024 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-08] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-07-08] (CPUID -> CPUID)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [189336 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-03 08:50 - 2022-02-03 08:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2087068202-1813543609-1746243882-1002
2022-02-03 08:50 - 2022-02-03 08:50 - 000002432 _____ C:\Users\scodo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-02 16:51 - 2022-02-02 16:51 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2022-02-02 15:10 - 2022-02-03 08:55 - 000000000 ____D C:\FRST
2022-02-02 15:07 - 2022-02-02 15:07 - 002299904 _____ (Farbar) C:\Users\scodo\Downloads\FRST64.exe
2022-01-22 12:47 - 2022-01-22 12:47 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638 (2).pdf
2022-01-22 12:46 - 2022-01-22 12:46 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638 (1).pdf
2022-01-22 12:42 - 2022-01-22 12:42 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638.pdf
2022-01-22 12:05 - 2022-01-22 12:05 - 000525768 _____ C:\Users\scodo\Downloads\Wrot_Cast_Consolidated_Price_List_183_ Effective_May_17_2021.xlsx
2022-01-21 10:25 - 2022-01-21 10:25 - 000217332 _____ C:\Users\scodo\Downloads\Square D™ QO™ and QOB Miniature Circuit Breakers_QO260CP.pdf
2022-01-21 10:03 - 2022-01-21 10:03 - 000116881 _____ C:\Users\scodo\Downloads\QO™ Load Centers_QOC20U100F.pdf
2022-01-20 09:55 - 2022-01-20 09:55 - 000041110 _____ C:\Users\scodo\Downloads\social-security-statement.pdf
2022-01-14 13:36 - 2022-01-14 13:36 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 13:35 - 2022-01-14 13:35 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 13:35 - 2022-01-14 13:35 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 10:16 - 2022-01-13 10:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 10:16 - 2022-01-13 10:16 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-13 10:16 - 2022-01-13 10:16 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-12 09:15 - 2022-01-12 09:15 - 000000000 ___HD C:\$WinREAgent
2022-01-07 10:45 - 2022-01-07 10:45 - 000620244 _____ C:\Users\scodo\Downloads\Annual Statement 2021.pdf
2022-01-06 11:47 - 2022-01-06 11:47 - 000051937 _____ C:\Users\scodo\Downloads\Brokerage Trade Transaction - 2022-01-06T114740.853.pdf
2022-01-06 11:47 - 2022-01-06 11:47 - 000049057 _____ C:\Users\scodo\Downloads\Brokerage Trade Transaction - 2022-01-06T114737.963.pdf
2022-01-05 18:24 - 2022-01-05 18:24 - 000546477 _____ C:\Users\scodo\Downloads\DONALDSON, SCOTT PENNY_2018_TAX RETURN_TAX RETURN.pdf
2022-01-05 18:24 - 2022-01-05 18:24 - 000387081 _____ C:\Users\scodo\Downloads\DONALDSON, SCOTT PENNY_2020_TAX RETURN_TAX RETURN.pdf
2022-01-05 18:23 - 2022-01-05 18:23 - 000556117 _____ C:\Users\scodo\Downloads\DONALDSON, SCOTT PENNY_2019_TAX RETURN_TAX RETURN.pdf
2022-01-05 18:23 - 2022-01-05 18:23 - 000299976 _____ C:\Users\scodo\Downloads\DONALDSON, SCOTT PENNY_2017_TAX RETURN_TAX RETURN(1).pdf
2022-01-05 18:23 - 2022-01-05 18:23 - 000287669 _____ C:\Users\scodo\Downloads\DONALDSON, SCOTT PENNY_2016_TAX RETURN_TAX RETURN.pdf
2022-01-05 12:29 - 2022-01-05 12:29 - 000444460 _____ C:\Users\scodo\Downloads\Important_Information_from_Boyum_Barenscheer.pdf
2022-01-04 13:29 - 2022-01-04 13:29 - 000000648 _____ C:\Users\scodo\Downloads\transcsv.csv
2022-01-04 13:28 - 2022-01-04 13:28 - 000035798 _____ C:\Users\scodo\Downloads\summary.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-03 08:53 - 2020-11-08 10:19 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-03 08:53 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-03 08:53 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-03 08:50 - 2021-12-12 09:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2087068202-1813543609-1746243882-1002
2022-02-03 08:50 - 2020-11-08 10:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-03 08:50 - 2020-01-03 16:18 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-03 08:50 - 2019-12-30 15:43 - 000000000 ___RD C:\Users\scodo\OneDrive
2022-02-03 08:50 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-02 15:20 - 2020-11-08 10:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-02 15:20 - 2020-11-08 10:11 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-02 15:20 - 2019-12-30 15:41 - 000000000 __SHD C:\Users\scodo\IntelGraphicsProfiles
2022-02-02 15:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-02 15:20 - 2019-12-06 13:02 - 000000000 ____D C:\Intel
2022-02-02 15:18 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-01 21:02 - 2020-01-03 12:24 - 000000000 ____D C:\ProgramData\ProductData
2022-02-01 20:57 - 2020-01-09 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-02-01 20:57 - 2020-01-03 16:18 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2022-01-28 10:20 - 2020-07-14 13:18 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 10:20 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-26 09:14 - 2020-11-08 10:14 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 09:14 - 2020-11-08 10:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-24 15:09 - 2019-12-30 15:41 - 000000000 ____D C:\Users\scodo\AppData\Local\Packages
2022-01-21 14:27 - 2020-11-08 10:14 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 14:27 - 2020-11-08 10:14 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 08:56 - 2020-01-03 16:18 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-18 11:34 - 2020-11-08 09:43 - 000000000 ____D C:\Users\scodo
2022-01-16 07:27 - 2021-06-15 07:44 - 000000000 ____D C:\Users\scodo\AppData\Roaming\MediaMonkey5
2022-01-14 22:36 - 2020-01-03 16:50 - 000000000 ____D C:\Users\scodo\AppData\Local\Adobe
2022-01-14 22:23 - 2020-11-08 10:11 - 000441600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 13:37 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-14 13:32 - 2019-12-30 18:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 13:31 - 2019-12-30 18:46 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-01-08 11:53 - 2020-01-08 11:53 - 000000135 _____ () C:\Users\scodo\AppData\Roaming\pppe_log.txt
2019-12-30 17:01 - 2020-01-03 12:05 - 000007679 _____ () C:\Users\scodo\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by scodo (03-02-2022 08:56:39)
Running from C:\Users\scodo\OneDrive\Desktop\FRST-OlderVersion\FRST-OlderVersion
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-11-08 15:14:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2087068202-1813543609-1746243882-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2087068202-1813543609-1746243882-503 - Limited - Disabled)
Guest (S-1-5-21-2087068202-1813543609-1746243882-501 - Limited - Disabled)
scodo (S-1-5-21-2087068202-1813543609-1746243882-1002 - Administrator - Enabled) => C:\Users\scodo
WDAGUtilityAccount (S-1-5-21-2087068202-1813543609-1746243882-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.15.58233 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
Acronis True Image 2015 (HKLM-x32\...\{35CFA5F4-EE2D-4B13-AAED-BC643B6874B5}) (Version: 18.0.6613 - Acronis) Hidden
Acronis True Image 2015 (HKLM-x32\...\{35CFA5F4-EE2D-4B13-AAED-BC643B6874B5}Visible) (Version: 18.0.6613 - Acronis)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 14.5.0 - IObit)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF220 Series (HKLM\...\{33A079E0-BF49-4E97-9293-3EDDA6D130A4}) (Version: 4.5.0.0 - CANON INC.)
Cisco Webex Meetings (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\ActiveTouchMeetingClient) (Version: 41.2.4 - Cisco Webex LLC)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
CrystalDiskInfo 8.12.4 (64-bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.4 - Crystal Dew World)
CyberPower PowerPanel Personal 2.3.0 (HKLM-x32\...\5708-0475-1423-7128) (Version: 2.3.0 - CyberPower Systems, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{2D27B76E-8FB1-495B-A61D-FB76349E7E36}) (Version: 3.1.9518 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E21419F5-2AA6-439C-B2C1-840083A05BC5}) (Version: 5.5.0.16041 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{db72dcd5-bf99-4888-b104-cb605b82ec8a}) (Version: 5.5.0.16041 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.4.0 - Dell Inc.)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0000 - SEIKO EPSON Corp.)
EPSON WorkForce GT-1500 Scanner Driver Update version 3.0.2.0 (HKLM-x32\...\ScannerDriverUpdateEPSON WorkForce GT-1500_is1) (Version: 3.0.2.0 - Epson America Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 4.0.0.99 - IObit)
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.0.1.14 - IObit)
ISIS Driver - EPSON GT-1500 v1.0 (HKLM-x32\...\{D41864EF-CC5D-4CF4-B0B9-CA3152164157}) (Version: 1.0 - EMC Captiva)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{B6A1310A-C2C4-4401-8563-7F8B2BFF7643}) (Version: 2.1.1295 - Rivet Networks)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
MasterCook 15 (HKLM-x32\...\{1E492158-401F-434B-957B-477D6B5A46AA}) (Version: 15.00.24 - Valusoft Cosmi)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14827.20158 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\OneDriveSetup.exe) (Version: 22.012.0116.0001 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Teams) (Version: 1.4.00.31569 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
ScanSoft PaperPort 11 (HKLM-x32\...\{DEA18FF6-D84A-4242-9663-692E5BA56805}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1048 - SUPERAntiSpyware.com)
Toner Status (HKLM-x32\...\{6E9A516A-6189-4502-80FD-51BE28989CEB}) (Version: 1.0.0.0 - CANON INC.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\ZoomUMX) (Version: 5.8.7 (2058) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2020-01-08] (Canon Inc.)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2019-12-30] (Dell Inc)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.5.0_x64__htrsf667h5kn2 [2021-11-20] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-11] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2021-11-22] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.4.18.0_x86__htrsf667h5kn2 [2021-11-13] (Dell Inc)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1021.524.0_x64__rh07ty8m5nkag [2021-10-22] (Rivet Networks LLC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2021-12-14] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.92.17.0_x64__htrsf667h5kn2 [2021-11-04] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-30] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\scodo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21229.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2012-12-14] (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2021-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxDTCM.dll [2021-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2012-12-14] (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed]
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-11-04 12:22 - 2017-09-15 00:35 - 000128512 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\_cffi_backend.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 001196032 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppbedrv.dll
2021-11-04 12:23 - 2021-11-04 12:23 - 000163840 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppbedrvc.dll
2021-11-04 12:22 - 2021-08-03 02:32 - 000023040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\AdvancedHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\AppTrayHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DeviceConfigHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DevicePropHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000020992 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DeviceStatusHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000023552 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\EnergyHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\EventLogsHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\MenuHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000029696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\NotificationHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\RuntimeHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\ScheduleHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000019968 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SelfTestHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SoftwareUpdateHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SummaryHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\VoltageHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientModel\DaemonStatus.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\BypassEventCount.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DesktopInteractiveServer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceConfigure.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceLogHelper.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceMonitor.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000055296 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DevicePropertiesFetcher.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:28 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\EnergyRecorder.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000079360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\EventAnalyzer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000100864 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\MobileDataProvider.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\TransactionHelper.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000055808 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\WebAppController.cp36-win32.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_constant_time.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 002095616 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_openssl.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_padding.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Events\Event.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Events\EventsMobile.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000045568 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\AdvancedHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\AppTrayHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DeviceConfigHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DevicePropHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DeviceStatusHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\EnergyHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\EventLogsHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000026624 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\NotificationHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\RuntimeHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000038400 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\ScheduleHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SelfTestHandler.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000067072 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SoftwareUpdateHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014848 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SummaryHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\VoltageHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:34 - 000079360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\AppClient.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000093696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\AppServer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000010240 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\Command.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\Verification.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000096256 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DataSource2.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DBSession.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Device.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000029696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DevicePropertiesData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000043520 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DevicePushMessageData.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000033792 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DeviceStatusData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000020480 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DriverTransaction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Statement.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Transaction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\UpdateStatusData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000036352 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\WebAppData.cp36-win32.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 001751040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtCore.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 001879040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtGui.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 000513024 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtNetwork.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 003814400 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtWidgets.pyd
2021-11-04 12:22 - 2017-06-21 01:02 - 000111616 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\pywintypes36.dll
2021-11-04 12:22 - 2017-03-13 14:15 - 000033792 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\servicemanager.pyd
2021-11-04 12:22 - 2017-12-07 06:06 - 000084992 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sip.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000013824 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cprocessors.cp36-win32.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000014848 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cresultproxy.cp36-win32.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cutils.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000008192 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\buildConfig.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000029184 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\loggerSetting.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\module.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\settings.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\systemDefine.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\systemFunction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000021504 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\ValueId.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\DataCryptor.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000043520 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\EmailSender.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HelpOpener.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HibernateMac.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HibernateWin.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\i18nTranslater.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000031232 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\Logger.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024576 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\OAuthManagement.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000018944 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\OSOperator.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000020480 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\RequestImp.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000068096 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\Scheduler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000012800 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownMac.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownUtil.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000012800 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownWin.cp36-win32.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000103424 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32api.pyd
2021-11-04 12:22 - 2017-03-13 14:14 - 000021504 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32event.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000173568 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32gui.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000046592 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32service.pyd
2005-09-07 12:03 - 2005-09-07 12:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\ScanSoft\PaperPort\blicectr.dll
2020-01-08 12:28 - 2014-04-10 09:19 - 000002048 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask_EN.dll
2020-01-08 12:27 - 2013-01-31 13:21 - 000152064 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2020-01-03 15:51 - 2012-12-14 16:49 - 000508264 _____ (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
2020-01-03 15:51 - 2012-12-14 16:49 - 001091432 _____ (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
2020-01-03 15:51 - 2012-12-14 16:49 - 000093544 _____ (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
2020-01-03 15:51 - 2012-12-14 16:49 - 002171240 _____ (Malwarebytes Corporation -> Malwarebytes Corporation) [File not signed] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
2008-04-11 12:54 - 2008-04-11 12:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2020-04-17 14:05 - 2020-04-17 14:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-17 14:05 - 2020-04-17 14:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qgif.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qicns.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qico.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qjpeg.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qtga.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qtiff.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qwbmp.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000401408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qwebp.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 001096704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\platforms\qwindows.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Core.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004964352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Gui.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000960000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Network.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004460544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Widgets.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Core.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004964352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Gui.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000960000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Network.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004460544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Widgets.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> DefaultScope {207C416D-9F08-4EA0-A815-7DD0E992EC54} URL =
SearchScopes: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> {207C416D-9F08-4EA0-A815-7DD0E992EC54} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\scodo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "MFNetworkScanUtility"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A71D3F24-83E1-410A-8003-472C26319771}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{A064B162-F007-46EE-91E1-3722110F4C50}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A7015658-1F20-4EB4-872B-FC8D47DD4C91}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{22FF5CFA-5C8F-4A0F-831A-34369EECE935}C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{95A5E8C2-83EF-4535-9898-BDC239FF2030}C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C0AD96C-C2B1-4D56-8991-1563F60B85CC}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{51DC7D9B-114B-4EED-A5B6-42ECB96EA260}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{9EDD681E-3C8C-420D-BEF0-739C8A5B7C2D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{21EC6AF1-43D3-490C-A65A-A89930A84211}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{4D42C5B1-C318-49DA-97AF-FD0AE72CBDEF}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{DA5EC753-780C-46A5-8D13-7DCE8670A162}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{5222925D-3EB1-460B-849C-85E69585FAB0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{0D92C352-AAAC-40F0-ACF3-06BAB4DF5750}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{6F3B2C48-DAE7-472A-8A81-F0F072DD5A6C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{496E6070-A5AD-4B52-A37C-B01E95B11EB6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{9D82FF59-510B-4FA5-AE28-F6A1AA7E26BB}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8BBB3A4F-963D-4FD9-9A6B-C040EFA596BE}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{74BE710C-209A-40DC-B961-D53227071C4C}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{892F6501-76C0-44E6-8701-CEA4A9287D3E}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{B6323966-ABAB-4E99-B431-0B3BFC6BE352}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{C035682D-3500-4F77-813D-F2D513AD4B52}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{8035AA65-2DFF-4BDE-802E-86F1ED9AE657}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{0554D128-1D9F-4A38-909F-2EDE1A096C6F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{ACB6959A-9082-405B-9F57-9F7ECE2E49E9}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [TCP Query User{21B9E576-19E9-4548-88C9-AA0D0BBA0B84}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0BDF7673-B245-4AE1-93B8-13621FB8E6A2}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5477D0C-9276-4077-B7F4-6FCEB6B66EF1}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE184C53-41CF-4DFF-B987-ABC4C8B15631}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DC2A4F04-66F8-41BD-9085-F2F0FF7FDD90}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C74C798B-A581-4B29-8143-EAC34D5E1A4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8628598A-2571-4A0F-B33B-00A652F9D195}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BD4FA97-4396-4EC2-85E4-10C24FD1CB05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E9887B1-2721-4C29-B642-6F3B29149B15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4E26AFB-6018-4BA2-82AF-3E43664FD4C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{56BB7934-8196-49C3-A0C6-457B32887C6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB981644-9C9E-4E30-BD4E-A532AB86862A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
14-01-2022 13:33:04 Windows Modules Installer
23-01-2022 10:51:09 Scheduled Checkpoint
01-02-2022 11:51:51 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/02/2022 03:20:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Faulting module name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Exception code: 0xc0000005
Fault offset: 0x000000000007a104
Faulting process id: 0x1af4
Faulting application start time: 0x01d81872484221d5
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Faulting module path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Report Id: 7d351f97-0218-42ac-9872-2aaa3e48154a
Faulting package full name:
Faulting package-relative application ID:
Error: (02/02/2022 03:18:33 PM) (Source: PowerPanel Personal Service) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed
Traceback (most recent call last):
File "C:\Program Files (x86)\Python36-32\lib\site-packages\win32\lib\win32serviceutil.py", line 836, in SvcRun
File "WinService.py", line 169, in SvcDoRun
self.daemon.start()
File "C:\Users\Dev\Downloads\workspace\PowerPanel Personal for Windows test\label\Windows_PPPE\Daemon.py", line 69, in start
SystemExit: 0
%2: %3
Error: (02/01/2022 08:57:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Faulting module name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Exception code: 0xc0000005
Fault offset: 0x000000000007a104
Faulting process id: 0x1aa0
Faulting application start time: 0x01d817d83228072c
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Faulting module path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Report Id: 5b7aa924-ec3d-4431-a69a-e6cdca8a621d
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2022 08:55:26 PM) (Source: PowerPanel Personal Service) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed
Traceback (most recent call last):
File "C:\Program Files (x86)\Python36-32\lib\site-packages\win32\lib\win32serviceutil.py", line 836, in SvcRun
File "WinService.py", line 169, in SvcDoRun
self.daemon.start()
File "C:\Users\Dev\Downloads\workspace\PowerPanel Personal for Windows test\label\Windows_PPPE\Daemon.py", line 69, in start
SystemExit: 0
%2: %3
Error: (02/01/2022 07:57:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/31/2022 02:59:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Audio/Video (S:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/31/2022 02:59:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Misc Data (T:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/24/2022 03:43:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Audio/Video (S:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
System errors:
=============
Error: (02/02/2022 03:20:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/01/2022 08:57:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/27/2022 04:28:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (01/27/2022 04:27:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NFFX4SZZ23L-Microsoft.549981C3F5F10.
Error: (01/25/2022 04:21:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NFFX4SZZ23L-Microsoft.549981C3F5F10.
Error: (01/25/2022 04:21:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (01/23/2022 01:01:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (01/21/2022 02:38:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Windows Defender:
================
Date: 2022-02-01 11:50:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-30 10:05:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-29 12:19:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-28 09:58:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-27 14:25:47
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info ===========================
BIOS: Dell Inc. 1.1.18 09/06/2021
Motherboard: Dell Inc. 0T2HR0
Processor: Intel® Core™ i7-9700 CPU @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 16190.91 MB
Available physical RAM: 10232.52 MB
Total Virtual: 18622.91 MB
Available Virtual: 11766.94 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:223.19 GB) (Free:147.48 GB) NTFS
Drive s: (Audio/Video) (Fixed) (Total:833.84 GB) (Free:652.47 GB) NTFS
Drive t: (Misc Data) (Fixed) (Total:97.66 GB) (Free:59.56 GB) NTFS
\\?\Volume{32f547c6-c831-48bd-b930-186e67c7499a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.58 GB) NTFS
\\?\Volume{4505f415-94fa-480c-95da-2643ae05f561}\ (Image) (Fixed) (Total:12.32 GB) (Free:0.18 GB) NTFS
\\?\Volume{62156c42-d9ec-43fd-a0fa-4727839d5129}\ (DELLSUPPORT) (Fixed) (Total:1.22 GB) (Free:0.43 GB) NTFS
\\?\Volume{d188605c-5e7d-480f-96f7-ecb1888c371d}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 0BEC2E74)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
