Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by scodo (administrator) on SCOTTSOFFICEDES (Dell Inc. XPS 8930) (05-02-2022 09:34:05)
Running from C:\Users\scodo\OneDrive\Desktop
Loaded Profiles: scodo
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PowerPanel Personal.exe
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ppped.exe
() [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\pppServiceMonitor.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(CANON INC. -> CANON INC.) C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe
(Cyber Power Systems, Inc.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppuser.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_de0cf7bbf26b8ed4\aesm_service.exe
(Intel Corporation -> Intel® Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\scodo\OneDrive\Desktop\AdwCleaner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\scodo\AppData\Local\Microsoft\OneDrive\22.012.0116.0001\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> Intel Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC. -> CANON INC.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5343664 2015-07-20] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [691056 2015-07-20] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-01-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1821240 2014-04-10] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10985776 2022-01-15] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\scodo\AppData\Local\Microsoft\Teams\Update.exe [2459344 2021-12-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon WSD Language Monitor: C:\WINDOWS\system32\cnnx0_flm.dll [1498112 2014-04-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PowerPanel Personal.exe.lnk [2021-11-04]
ShortcutTarget: PowerPanel Personal.exe.lnk -> C:\Program Files (x86)\CyberPower PowerPanel Personal\PowerPanel Personal.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ppuser.exe.lnk [2021-11-04]
ShortcutTarget: ppuser.exe.lnk -> C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppuser.exe (Cyber Power Systems, Inc.) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B583843-87EB-4120-AF34-B7A74D199A4C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck
Task: {2B1C3D07-1421-42B3-8B48-F96208F7F9C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {46B2BE06-14B0-4AF4-81A1-EDD86DCA2312} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56A776D6-4D80-44CD-91EC-82D92D959752} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A98ECF9-5C18-4D97-9B90-85D9DE5896FD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {960B4130-C05D-4295-8D7D-9E9B12D3FF2E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {97850CC1-5C15-4892-94D8-EC860846E902} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-03] (Google LLC -> Google LLC)
Task: {9A4EACDA-6210-4E01-ACC0-38BD8ABE899A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FC974D7-76E6-43A5-A36E-974322907CEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8A1D95B-F23B-44DF-B82E-B4CC6ACD7E78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-03] (Google LLC -> Google LLC)
Task: {D19065FF-57A8-43CC-B2DC-31FF2E0A3552} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1172360 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8BC98FF-CAAF-4A1C-9E33-2E049D231347} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5124424-0BF7-4855-8CDB-8D4F62DC102E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0cdb6014-279f-4f7f-843d-dc9d6a3aa7a0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a235eab2-c774-4ff8-bf15-571d48ac6748}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\scodo\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> hxxp://www.google.com/
Edge Notifications: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002 -> hxxps://calendar.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\scodo\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-04]
Edge DownloadDir: Default -> C:\Users\scodo\Downloads
Edge Notifications: Default -> hxxps://calendar.google.com
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2087068202-1813543609-1746243882-1002: SkypeForBusinessPlugin-16.2 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2087068202-1813543609-1746243882-1002: SkypeForBusinessPlugin64-16.2 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\scodo\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-08-05]
Chrome:
=======
CHR Profile: C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default [2022-02-05]
CHR DownloadDir: C:\Users\scodo\OneDrive\Desktop
CHR HomePage: Default -> hxxps://192.168.1.1/login?redirect=%2F
CHR Extension: (Google Drive) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-11-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\scodo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1263424 2014-08-14] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3996664 2020-01-03] (Acronis International GmbH -> Acronis)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-11] (Dell Inc -> )
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73496 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2360616 2021-05-25] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2756896 2021-05-25] (Rivet Networks LLC -> Rivet Networks)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73488 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-02-05] (Malwarebytes Inc -> Malwarebytes)
R2 PowerPanel Personal Service; C:\Program Files (x86)\CyberPower PowerPanel Personal\ppped.exe [11264 2021-08-03] () [File not signed]
R2 PowerPanel Personal Service Monitor; C:\Program Files (x86)\CyberPower PowerPanel Personal\pppServiceMonitor.exe [1186304 2021-08-03] () [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6847712 2014-09-13] (Acronis International GmbH -> Acronis)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [74016 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [74024 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-08] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [189336 2021-05-25] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-02-05] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2020-01-03] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-05 09:25 - 2022-02-05 09:25 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-02-05 09:25 - 2022-02-05 09:25 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-02-05 09:25 - 2022-02-05 09:25 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-02-05 09:01 - 2022-02-05 09:01 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-02-05 09:01 - 2022-02-05 09:01 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-05 09:01 - 2022-02-05 09:01 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-02-05 09:01 - 2022-02-05 09:01 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-02-05 09:01 - 2022-02-05 09:01 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-05 09:01 - 2022-02-05 09:01 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-05 09:01 - 2022-02-05 09:01 - 000000000 ____D C:\Users\scodo\AppData\Local\mbam
2022-02-05 09:01 - 2022-02-05 09:01 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-05 08:14 - 2022-02-05 09:23 - 000000000 ____D C:\AdwCleaner
2022-02-04 12:14 - 2022-02-04 12:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-02-04 06:42 - 2022-02-04 12:18 - 001605886 _____ C:\WINDOWS\ntbtlog.txt
2022-02-03 18:21 - 2022-02-03 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-02-03 18:07 - 2022-02-03 18:07 - 000003656 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-03 08:50 - 2022-02-03 08:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2087068202-1813543609-1746243882-1002
2022-02-03 08:50 - 2022-02-03 08:50 - 000002432 _____ C:\Users\scodo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-02 16:51 - 2022-02-02 16:51 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2022-02-02 15:10 - 2022-02-05 09:34 - 000000000 ____D C:\FRST
2022-02-02 15:07 - 2022-02-02 15:07 - 002299904 _____ (Farbar) C:\Users\scodo\Downloads\FRST64.exe
2022-01-22 12:47 - 2022-01-22 12:47 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638 (2).pdf
2022-01-22 12:46 - 2022-01-22 12:46 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638 (1).pdf
2022-01-22 12:42 - 2022-01-22 12:42 - 000090576 _____ C:\Users\scodo\Downloads\9292250-ReturnBendCxC-Wrot-638.pdf
2022-01-22 12:05 - 2022-01-22 12:05 - 000525768 _____ C:\Users\scodo\Downloads\Wrot_Cast_Consolidated_Price_List_183_ Effective_May_17_2021.xlsx
2022-01-21 10:25 - 2022-01-21 10:25 - 000217332 _____ C:\Users\scodo\Downloads\Square D™ QO™ and QOB Miniature Circuit Breakers_QO260CP.pdf
2022-01-21 10:03 - 2022-01-21 10:03 - 000116881 _____ C:\Users\scodo\Downloads\QO™ Load Centers_QOC20U100F.pdf
2022-01-20 09:55 - 2022-01-20 09:55 - 000041110 _____ C:\Users\scodo\Downloads\social-security-statement.pdf
2022-01-14 13:36 - 2022-01-14 13:36 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 13:35 - 2022-01-14 13:35 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 13:35 - 2022-01-14 13:35 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 10:16 - 2022-01-13 10:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 10:16 - 2022-01-13 10:16 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-13 10:16 - 2022-01-13 10:16 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-12 09:15 - 2022-01-12 09:15 - 000000000 ___HD C:\$WinREAgent
2022-01-07 10:45 - 2022-01-07 10:45 - 000620244 _____ C:\Users\scodo\Downloads\Annual Statement 2021.pdf
2022-01-06 11:47 - 2022-01-06 11:47 - 000051937 _____ C:\Users\scodo\Downloads\Brokerage Trade Transaction - 2022-01-06T114740.853.pdf
2022-01-06 11:47 - 2022-01-06 11:47 - 000049057 _____ C:\Users\scodo\Downloads\Brokerage Trade Transaction - 2022-01-06T114737.963.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-05 09:32 - 2020-01-03 16:18 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-05 09:30 - 2020-11-08 10:19 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-05 09:30 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-05 09:25 - 2020-11-08 10:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-05 09:25 - 2020-11-08 10:11 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-05 09:25 - 2019-12-30 15:43 - 000000000 ___RD C:\Users\scodo\OneDrive
2022-02-05 09:25 - 2019-12-30 15:41 - 000000000 __SHD C:\Users\scodo\IntelGraphicsProfiles
2022-02-05 09:25 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-05 09:25 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-05 09:25 - 2019-12-06 13:02 - 000000000 ____D C:\Intel
2022-02-05 09:23 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-05 09:23 - 2019-12-06 13:01 - 000000000 ____D C:\Program Files\Dell
2022-02-05 09:01 - 2020-01-03 15:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-05 09:01 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-05 08:03 - 2020-11-08 10:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-04 12:37 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-04 12:37 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-04 10:48 - 2020-01-07 23:01 - 000000000 ____D C:\Users\scodo\AppData\LocalLow\Temp
2022-02-04 06:39 - 2020-11-08 09:43 - 000000000 ____D C:\Users\scodo
2022-02-04 05:50 - 2020-07-14 13:18 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-03 18:07 - 2020-01-03 12:24 - 000000000 ____D C:\Users\scodo\AppData\Roaming\IObit
2022-02-03 18:07 - 2020-01-03 12:24 - 000000000 ____D C:\Users\scodo\AppData\LocalLow\IObit
2022-02-03 18:07 - 2020-01-03 12:24 - 000000000 ____D C:\Program Files (x86)\IObit
2022-02-03 18:06 - 2020-01-03 12:24 - 000000000 ____D C:\ProgramData\IObit
2022-02-03 08:50 - 2021-12-12 09:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2087068202-1813543609-1746243882-1002
2022-02-01 21:02 - 2020-01-03 12:24 - 000000000 ____D C:\ProgramData\ProductData
2022-02-01 20:57 - 2020-01-09 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-02-01 20:57 - 2020-01-03 16:18 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2022-01-26 09:14 - 2020-11-08 10:14 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 09:14 - 2020-11-08 10:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-24 15:09 - 2019-12-30 15:41 - 000000000 ____D C:\Users\scodo\AppData\Local\Packages
2022-01-21 14:27 - 2020-11-08 10:14 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 14:27 - 2020-11-08 10:14 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 08:56 - 2020-01-03 16:18 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-16 07:27 - 2021-06-15 07:44 - 000000000 ____D C:\Users\scodo\AppData\Roaming\MediaMonkey5
2022-01-14 22:36 - 2020-01-03 16:50 - 000000000 ____D C:\Users\scodo\AppData\Local\Adobe
2022-01-14 22:23 - 2020-11-08 10:11 - 000441600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 22:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 13:37 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-14 13:32 - 2019-12-30 18:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 13:31 - 2019-12-30 18:46 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-01-08 11:53 - 2020-01-08 11:53 - 000000135 _____ () C:\Users\scodo\AppData\Roaming\pppe_log.txt
2019-12-30 17:01 - 2020-01-03 12:05 - 000007679 _____ () C:\Users\scodo\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by scodo (05-02-2022 09:34:59)
Running from C:\Users\scodo\OneDrive\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-11-08 15:14:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2087068202-1813543609-1746243882-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2087068202-1813543609-1746243882-503 - Limited - Disabled)
Guest (S-1-5-21-2087068202-1813543609-1746243882-501 - Limited - Disabled)
scodo (S-1-5-21-2087068202-1813543609-1746243882-1002 - Administrator - Enabled) => C:\Users\scodo
WDAGUtilityAccount (S-1-5-21-2087068202-1813543609-1746243882-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.15.58233 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
Acronis True Image 2015 (HKLM-x32\...\{35CFA5F4-EE2D-4B13-AAED-BC643B6874B5}) (Version: 18.0.6613 - Acronis) Hidden
Acronis True Image 2015 (HKLM-x32\...\{35CFA5F4-EE2D-4B13-AAED-BC643B6874B5}Visible) (Version: 18.0.6613 - Acronis)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF220 Series (HKLM\...\{33A079E0-BF49-4E97-9293-3EDDA6D130A4}) (Version: 4.5.0.0 - CANON INC.)
Cisco Webex Meetings (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\ActiveTouchMeetingClient) (Version: 41.2.4 - Cisco Webex LLC)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
CrystalDiskInfo 8.12.4 (64-bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.4 - Crystal Dew World)
CyberPower PowerPanel Personal 2.3.0 (HKLM-x32\...\5708-0475-1423-7128) (Version: 2.3.0 - CyberPower Systems, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{2D27B76E-8FB1-495B-A61D-FB76349E7E36}) (Version: 3.1.9518 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E21419F5-2AA6-439C-B2C1-840083A05BC5}) (Version: 5.5.0.16041 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{db72dcd5-bf99-4888-b104-cb605b82ec8a}) (Version: 5.5.0.16041 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.4.0 - Dell Inc.)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0000 - SEIKO EPSON Corp.)
EPSON WorkForce GT-1500 Scanner Driver Update version 3.0.2.0 (HKLM-x32\...\ScannerDriverUpdateEPSON WorkForce GT-1500_is1) (Version: 3.0.2.0 - Epson America Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7EBADAB6-B7AC-4560-85A7-FF345559F193}) (Version: 17.2.6.1027 - Intel Corporation)
ISIS Driver - EPSON GT-1500 v1.0 (HKLM-x32\...\{D41864EF-CC5D-4CF4-B0B9-CA3152164157}) (Version: 1.0 - EMC Captiva)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{B6A1310A-C2C4-4401-8563-7F8B2BFF7643}) (Version: 2.1.1295 - Rivet Networks)
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
MasterCook 15 (HKLM-x32\...\{1E492158-401F-434B-957B-477D6B5A46AA}) (Version: 15.00.24 - Valusoft Cosmi)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14827.20158 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\OneDriveSetup.exe) (Version: 22.012.0116.0001 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.18.1100 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\Teams) (Version: 1.4.00.31569 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
ScanSoft PaperPort 11 (HKLM-x32\...\{DEA18FF6-D84A-4242-9663-692E5BA56805}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1048 - SUPERAntiSpyware.com)
Toner Status (HKLM-x32\...\{6E9A516A-6189-4502-80FD-51BE28989CEB}) (Version: 1.0.0.0 - CANON INC.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\...\ZoomUMX) (Version: 5.8.7 (2058) - Zoom Video Communications, Inc.)
Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2020-01-08] (Canon Inc.)
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2019-12-30] (Dell Inc)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.5.0_x64__htrsf667h5kn2 [2021-11-20] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-11] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2021-11-22] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.4.18.0_x86__htrsf667h5kn2 [2021-11-13] (Dell Inc)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1021.524.0_x64__rh07ty8m5nkag [2021-10-22] (Rivet Networks LLC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2021-12-14] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.92.17.0_x64__htrsf667h5kn2 [2021-11-04] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-30] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\scodo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21229.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\scodo\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2087068202-1813543609-1746243882-1002_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2dadf80722c4f751\igfxDTCM.dll [2021-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-11-04 12:22 - 2017-09-15 00:35 - 000128512 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\_cffi_backend.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 001196032 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppbedrv.dll
2021-11-04 12:23 - 2021-11-04 12:23 - 000163840 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\bin\ppbedrvc.dll
2021-11-04 12:22 - 2021-08-03 02:32 - 000023040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\AdvancedHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\AppTrayHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DeviceConfigHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DevicePropHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000020992 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\DeviceStatusHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000023552 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\EnergyHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\EventLogsHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\MenuHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000029696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\NotificationHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\RuntimeHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\ScheduleHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000019968 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SelfTestHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SoftwareUpdateHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\SummaryHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientHandler\VoltageHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\ClientModel\DaemonStatus.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\BypassEventCount.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DesktopInteractiveServer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceConfigure.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceLogHelper.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DeviceMonitor.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000055296 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\DevicePropertiesFetcher.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:28 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\EnergyRecorder.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000079360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\EventAnalyzer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000100864 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\MobileDataProvider.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:29 - 000024064 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\TransactionHelper.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000055808 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\controllers\WebAppController.cp36-win32.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_constant_time.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 002095616 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_openssl.pyd
2021-11-04 12:22 - 2017-09-15 00:35 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\cryptography\hazmat\bindings\_padding.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000015360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Events\Event.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Events\EventsMobile.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000045568 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\AdvancedHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\AppTrayHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DeviceConfigHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000019456 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DevicePropHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\DeviceStatusHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\EnergyHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\EventLogsHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000026624 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\NotificationHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\RuntimeHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000038400 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\ScheduleHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SelfTestHandler.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000067072 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SoftwareUpdateHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014848 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\SummaryHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\handler_refactor\VoltageHandler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:34 - 000079360 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\AppClient.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000093696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\AppServer.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000010240 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\Command.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:35 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\major\Verification.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000096256 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DataSource2.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000016896 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DBSession.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Device.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:30 - 000029696 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DevicePropertiesData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000043520 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DevicePushMessageData.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000033792 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DeviceStatusData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000020480 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\DriverTransaction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000015872 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Statement.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\Transaction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\UpdateStatusData.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:31 - 000036352 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\model_Json\WebAppData.cp36-win32.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 001751040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtCore.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 001879040 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtGui.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 000513024 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtNetwork.pyd
2021-11-04 12:22 - 2017-12-07 06:05 - 003814400 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\QtWidgets.pyd
2021-11-04 12:22 - 2017-06-21 01:02 - 000111616 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\pywintypes36.dll
2021-11-04 12:22 - 2017-03-13 14:15 - 000033792 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\servicemanager.pyd
2021-11-04 12:22 - 2017-12-07 06:06 - 000084992 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sip.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000013824 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cprocessors.cp36-win32.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000014848 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cresultproxy.cp36-win32.pyd
2021-11-04 12:22 - 2017-07-05 10:30 - 000009728 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\sqlalchemy\cutils.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000008192 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\buildConfig.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000029184 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\loggerSetting.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\module.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\settings.cp36-win32.pyd
2021-11-04 12:23 - 2021-11-04 12:23 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\systemDefine.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000034816 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\systemFunction.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:26 - 000021504 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\System\ValueId.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000017408 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\DataCryptor.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000043520 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\EmailSender.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HelpOpener.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HibernateMac.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000014336 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\HibernateWin.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000017920 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\i18nTranslater.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000031232 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\Logger.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000024576 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\OAuthManagement.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000018944 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\OSOperator.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:32 - 000020480 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\RequestImp.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000068096 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\Scheduler.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000012800 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownMac.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000016384 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownUtil.cp36-win32.pyd
2021-11-04 12:22 - 2021-08-03 02:33 - 000012800 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Utility\ShutdownWin.cp36-win32.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000103424 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32api.pyd
2021-11-04 12:22 - 2017-03-13 14:14 - 000021504 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32event.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000173568 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32gui.pyd
2021-11-04 12:22 - 2017-03-13 14:15 - 000046592 _____ () [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\win32service.pyd
2005-09-07 12:03 - 2005-09-07 12:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\ScanSoft\PaperPort\blicectr.dll
2020-01-08 12:28 - 2014-04-10 09:19 - 000002048 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask_EN.dll
2020-01-08 12:27 - 2013-01-31 13:21 - 000152064 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2008-04-11 12:54 - 2008-04-11 12:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qgif.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qicns.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qico.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qjpeg.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qtga.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qtiff.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qwbmp.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000401408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\imageformats\qwebp.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 001096704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\platforms\qwindows.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Core.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004964352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Gui.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000960000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Network.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004460544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\PyQt5\Qt\bin\Qt5Widgets.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004770816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Core.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004964352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Gui.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 000960000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Network.dll
2021-11-04 12:22 - 2017-12-07 06:05 - 004460544 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\CyberPower PowerPanel Personal\Qt5Widgets.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2087068202-1813543609-1746243882-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\scodo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "MFNetworkScanUtility"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A71D3F24-83E1-410A-8003-472C26319771}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{A064B162-F007-46EE-91E1-3722110F4C50}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A7015658-1F20-4EB4-872B-FC8D47DD4C91}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{22FF5CFA-5C8F-4A0F-831A-34369EECE935}C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{95A5E8C2-83EF-4535-9898-BDC239FF2030}C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C0AD96C-C2B1-4D56-8991-1563F60B85CC}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{51DC7D9B-114B-4EED-A5B6-42ECB96EA260}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{9EDD681E-3C8C-420D-BEF0-739C8A5B7C2D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{21EC6AF1-43D3-490C-A65A-A89930A84211}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{4D42C5B1-C318-49DA-97AF-FD0AE72CBDEF}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{DA5EC753-780C-46A5-8D13-7DCE8670A162}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{5222925D-3EB1-460B-849C-85E69585FAB0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{0D92C352-AAAC-40F0-ACF3-06BAB4DF5750}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{6F3B2C48-DAE7-472A-8A81-F0F072DD5A6C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{496E6070-A5AD-4B52-A37C-B01E95B11EB6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{9D82FF59-510B-4FA5-AE28-F6A1AA7E26BB}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8BBB3A4F-963D-4FD9-9A6B-C040EFA596BE}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{74BE710C-209A-40DC-B961-D53227071C4C}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{892F6501-76C0-44E6-8701-CEA4A9287D3E}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{B6323966-ABAB-4E99-B431-0B3BFC6BE352}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{C035682D-3500-4F77-813D-F2D513AD4B52}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{8035AA65-2DFF-4BDE-802E-86F1ED9AE657}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{0554D128-1D9F-4A38-909F-2EDE1A096C6F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{ACB6959A-9082-405B-9F57-9F7ECE2E49E9}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [TCP Query User{21B9E576-19E9-4548-88C9-AA0D0BBA0B84}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0BDF7673-B245-4AE1-93B8-13621FB8E6A2}C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\scodo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5477D0C-9276-4077-B7F4-6FCEB6B66EF1}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE184C53-41CF-4DFF-B987-ABC4C8B15631}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DC2A4F04-66F8-41BD-9085-F2F0FF7FDD90}] => (Allow) C:\Users\scodo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C74C798B-A581-4B29-8143-EAC34D5E1A4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8628598A-2571-4A0F-B33B-00A652F9D195}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BD4FA97-4396-4EC2-85E4-10C24FD1CB05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E9887B1-2721-4C29-B642-6F3B29149B15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4E26AFB-6018-4BA2-82AF-3E43664FD4C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{56BB7934-8196-49C3-A0C6-457B32887C6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE52F23F-2FC5-41B0-B4BD-C120D6FF4873}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
23-01-2022 10:51:09 Scheduled Checkpoint
01-02-2022 11:51:51 Scheduled Checkpoint
03-02-2022 18:29:28 Restore Point Created by FRST
04-02-2022 05:56:05 Restore Point Created by FRST
05-02-2022 09:23:22 AdwCleaner_BeforeCleaning_05/02/2022_09:23:21
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/05/2022 08:53:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/05/2022 08:53:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/05/2022 08:53:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/05/2022 08:53:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/05/2022 08:53:22 AM) (Source: PowerPanel Personal Service) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed
Traceback (most recent call last):
File "C:\Program Files (x86)\Python36-32\lib\site-packages\win32\lib\win32serviceutil.py", line 836, in SvcRun
File "WinService.py", line 169, in SvcDoRun
self.daemon.start()
File "C:\Users\Dev\Downloads\workspace\PowerPanel Personal for Windows test\label\Windows_PPPE\Daemon.py", line 69, in start
SystemExit: 0
%2: %3
Error: (02/04/2022 12:14:01 PM) (Source: PowerPanel Personal Service) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed
Traceback (most recent call last):
File "C:\Program Files (x86)\Python36-32\lib\site-packages\win32\lib\win32serviceutil.py", line 836, in SvcRun
File "WinService.py", line 169, in SvcDoRun
self.daemon.start()
File "C:\Users\Dev\Downloads\workspace\PowerPanel Personal for Windows test\label\Windows_PPPE\Daemon.py", line 69, in start
SystemExit: 0
%2: %3
Error: (02/04/2022 11:26:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Faulting module name: KNDBWM.exe, version: 3.1021.524.1, time stamp: 0x60ab4441
Exception code: 0xc0000005
Fault offset: 0x000000000007a104
Faulting process id: 0x1a64
Faulting application start time: 0x01d819e3e6a97947
Faulting application path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Faulting module path: C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
Report Id: 8b143b49-9776-4c2d-96d7-e2ba4d5237be
Faulting package full name:
Faulting package-relative application ID:
Error: (02/04/2022 10:56:15 AM) (Source: PowerPanel Personal Service) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed
Traceback (most recent call last):
File "C:\Program Files (x86)\Python36-32\lib\site-packages\win32\lib\win32serviceutil.py", line 836, in SvcRun
File "WinService.py", line 169, in SvcDoRun
self.daemon.start()
File "C:\Users\Dev\Downloads\workspace\PowerPanel Personal for Windows test\label\Windows_PPPE\Daemon.py", line 69, in start
SystemExit: 0
%2: %3
System errors:
=============
Error: (02/05/2022 09:28:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/05/2022 09:25:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Content Protection HECI Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell SupportAssist Remediation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Acronis Nonstop Backup Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Hardware Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (02/05/2022 09:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Processor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Windows Defender:
================
Date: 2022-02-01 11:50:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-30 10:05:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-29 12:19:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-28 09:58:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-01-27 14:25:47
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2022-02-04 12:14:42
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2022-02-04 11:06:56
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.357.84.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.2
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Date: 2022-02-04 10:56:53
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2022-02-04 10:07:40
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.357.84.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.2
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Date: 2022-02-04 09:57:38
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
==================== Memory info ===========================
BIOS: Dell Inc. 1.1.18 09/06/2021
Motherboard: Dell Inc. 0T2HR0
Processor: Intel® Core i7-9700 CPU @ 3.00GHz
Percentage of memory in use: 29%
Total physical RAM: 16190.91 MB
Available physical RAM: 11469.82 MB
Total Virtual: 18622.91 MB
Available Virtual: 13619.43 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:223.19 GB) (Free:148.96 GB) NTFS
Drive s: (Audio/Video) (Fixed) (Total:833.84 GB) (Free:652.47 GB) NTFS
Drive t: (Misc Data) (Fixed) (Total:97.66 GB) (Free:59.56 GB) NTFS
\\?\Volume{32f547c6-c831-48bd-b930-186e67c7499a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.58 GB) NTFS
\\?\Volume{4505f415-94fa-480c-95da-2643ae05f561}\ (Image) (Fixed) (Total:12.32 GB) (Free:0.18 GB) NTFS
\\?\Volume{62156c42-d9ec-43fd-a0fa-4727839d5129}\ (DELLSUPPORT) (Fixed) (Total:1.22 GB) (Free:0.43 GB) NTFS
\\?\Volume{d188605c-5e7d-480f-96f7-ecb1888c371d}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 0BEC2E74)
Partition: GPT.
==================== End of Addition.txt =======================