HI All,
My PC seems to be running slowly and when I am using my browser seems to lock up when trying to open a new page.
I have also tried to use Video editing software- NERO as an example but could not get it to run and had to request a refund. I've run the free version of Malwarebytes however if didnt find anything.
Here are my logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by steven (administrator) on DESKTOP-T3QOQ8M (Acer Carlos) (21-10-2022 12:07:04)
Running from C:\Users\steve\Desktop
Loaded Profiles: steven
Platform: Microsoft Windows 11 Home Version 22H2 22621.674 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.695.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe
(explorer.exe ->) (Avanquest Software SAS -> Avanquest Software) C:\Users\steve\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.378_none_6b5c1260907d1384\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.695.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [833824 2019-01-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Endeavors Technologies JukeboxPlayer] => C:\Program Files\Numecent\Application Jukebox Player\JukeboxPlayer.exe [9502048 2018-01-05] (Numecent, Inc. -> Numecent, Inc.)
HKLM-x32\...\Run: [EaseUS FixTool] => C:\Program Files (x86)\EaseUS\EaseUS Tools M\bin\UpdateExe.exe [141448 2020-05-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [DriveSpan] => C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe [686216 2022-08-08] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [CAMTray] => C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe [463408 2022-09-13] (CyberLink Corp. -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [electron.app.NordPass] => C:\Users\steve\AppData\Local\Programs\nordpass\NordPass.exe [95439360 2021-01-06] (NordPass Team) [File not signed]
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [Avanquest Message] => C:\Users\steve\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [602264 2022-09-15] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\MountPoints2: {9674c4fe-ccbc-11e8-8391-7c2a317b0e98} - "G:\unlock.exe" autoplay=true
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\Run: [MicrosoftEdgeAutoLaunch_E038479F42F6B0F47BDCC365352673C6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\MountPoints2: {9674c4fe-ccbc-11e8-8391-7c2a317b0e98} - "G:\unlock.exe" autoplay=true
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\Run: [CiscoMeetingDaemon] => C:\Users\Gillian\AppData\Local\WebEx\ciscowebexstart.exe [4524368 2021-07-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Gillian\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\MountPoints2: {9674c4fe-ccbc-11e8-8391-7c2a317b0e98} - "G:\unlock.exe" autoplay=true
HKLM\...\Print\Monitors\EPSON XP-205 207 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMILE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-10-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> )
Task: {08D9BE40-BB0A-403B-9B9B-8DF56CFDFEBA} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {1445DA5A-DA8E-41F2-AFBA-F0862C099121} - System32\Tasks\CreateExplorerShellUnelevatedTask => c:\windows\explorer.exe /NoUACCheck
Task: {250E5E38-143A-4CFF-8A87-BCE17AF67852} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {27156927-3772-46EB-A044-69E5FF6FA4B5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9dac4439-e6f9-4785-9ff9-123e643f51d6" --version "6.04.10044" --silent
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {2C6CA63D-12D0-4E86-B7A9-B92443E7798E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {30B55E20-BB8F-4C4E-941D-1C60D92EA066} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {36AE74CE-BD1E-43A6-9A88-92EB73F5C0D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-10] (Google Inc -> Google Inc.)
Task: {38EAA8B5-7C17-4CB8-8436-D01D8928946F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {3CFF56A8-E73D-4284-9CEA-9FF06426F698} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EBA6565-F658-4FED-8BD4-474758B049CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FBE587A-5B4B-49F9-9621-E4EA5772E8E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42890471-71EC-4C97-AD2F-87B84DDB71E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4314AEC1-20BB-4CAC-A261-A0402DA4F134} - System32\Tasks\CorelUpdateHelperTask-A8920757F59B1BA85897CD3CEDA3D8AB => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {47C00096-32F7-494C-A133-CCA98FFC2435} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {4E548EA3-13BC-4316-A9A2-D7CF4FCDE18C} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [103032 2022-07-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {4F64DBB4-101F-442A-869A-F59BE3002FA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {561146FA-04F5-4530-ADC1-48FBA98F6514} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {5BC24D20-38CC-4A0D-9BA0-33411F13A9A9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {5EA8D87D-8113-4004-BD75-9935DE0373EE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Nero\Nero Apps\NeroInfo\NeroInfo.exe [3914864 2022-08-08] (Nero AG -> Nero AG)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe RebootDialog (No File)
Task: {74C892B5-18A8-4E50-8C75-BE40397E021F} - System32\Tasks\CareCenter\Nero BackItUp_Reg_HKLMWow6432Run => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe /WinStart (No File)
Task: {79D0BEA1-4B1B-4F00-A18C-C1A88A6FCBB2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {89590389-45A9-4365-8474-4A5D3800BE9D} - System32\Tasks\CorelUpdateHelperTask-4374451B1A37268CAC5AD55CB8E93C06 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {8C06097D-BCB8-4C65-8A40-01CD4AC9FE6C} - System32\Tasks\CCleanerSkipUAC - steven => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8DB3FB0F-E6DB-4FFE-83B2-938F7D74B3CF} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {90F2304A-3E30-46CC-B1A9-CDA9E41B86DC} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {95D8C6A1-9913-4280-908F-4DFFC2073502} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {99623E9F-1E61-4B4C-B0CD-67B8BA5B9560} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-30] (Acer Incorporated -> )
Task: {9C315710-0C24-47F7-927E-0AAE08F72DC2} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-30] (Acer Incorporated -> )
Task: {A0F7A91E-3E93-4DEA-96D7-B1E9A3B6D43F} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe (No File)
Task: {AF9D590B-8B7E-4437-9F30-E8A336DD0967} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-10] (Google Inc -> Google Inc.)
Task: {B0AFD0CE-5196-42EF-AD09-3A755CAC7F40} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317480 2022-03-14] (CyberLink Corp. -> )
Task: {B683611E-D9B6-4005-8FC7-2A00D41F97F7} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {BC4CEF94-D62F-4D8E-8783-8137C99918FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {BF342BB0-ADA7-44F2-925B-A375009F6CEA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2018-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {C24246B5-2F68-4EEB-9417-0B250C3F60AA} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317480 2022-03-14] (CyberLink Corp. -> )
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E254F695-21D1-4CB4-A94D-F66A063F0A75} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {EAB7A5E4-8512-4B60-A2A4-95F1DA20556E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-13] (Acer Incorporated -> TODO: <Company name>)
Task: {EC1E8988-AD5C-4BC1-A0EC-955BD0B9F303} - System32\Tasks\CorelUpdateHelperTask-E710F9D26B744BFC23F8BB83361DCD6E => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {F11C82FC-3260-46B1-8013-754DB6FB21E8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F600DCA5-31C6-4BFA-BF87-A7FB03584C8F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447280 2019-09-27] (Acer Incorporated -> Acer Incorporated)
Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {F89AA82A-D0B2-4311-B091-83BDF56B7DFD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{47a49dfe-5532-4bd4-b40a-03730b7d6cd7}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{9272e2bf-6bd5-1513-a95c-605fd4c46776}: [NameServer] 103.86.96.100,103.86.99.100
Edge:
=======
DownloadDir: C:\Users\steve\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\steve\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-20]
Edge DownloadDir: Default -> C:\Users\steve\Downloads
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-03-06] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1741543102-3776721137-2454621359-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\steve\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-23] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default [2022-10-21]
CHR Notifications: Default -> hxxps://332106553415056.webpush.freshchat.com; hxxps://www.facebook.com; hxxps://www.wondershare.net; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://google.co.uk/"
CHR Extension: (Adaware Ad Block) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmllgdnjnkbapbchnebiedipojhmnjej [2020-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-02]
CHR Extension: (Zoom Scheduler) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2022-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\steve\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-30]
CHR Profile: C:\Users\steve\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-30]
CHR HKLM-x32\...\Chrome\Extension: [cmllgdnjnkbapbchnebiedipojhmnjej]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-10-08] (Malwarebytes Inc. -> Malwarebytes)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2021-06-07] (nordvpn s.a. -> TEFINCOM S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [523568 2019-09-27] (Acer Incorporated -> Acer Incorporated)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [626344 2022-03-14] (CyberLink Corp. -> CyberLink)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 StreamingCore; C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe [6788416 2018-01-05] (Numecent, Inc. -> Numecent, Inc.)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-13] (Acer Incorporated -> acer)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2019-12-27] (GENESYS LOGIC, INC. -> Genesys Logic)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1089512 2020-04-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl1dd684b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D0A2984F-8AA2-402C-A9B1-A33463F1948D}\MpKslDrv.sys [228632 2022-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\Program Files\NordVPN\7.1.1.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-10-30] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [73464 2021-03-08] (Corel Corporation -> Corel Corporation)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [46392 2021-12-14] (Corel Corporation -> Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [38200 2021-12-14] (Corel Corporation -> Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [45880 2021-12-14] (Corel Corporation -> Corel Corporation)
R2 StreamingFSD; C:\WINDOWS\System32\DRIVERS\StreamingFSD.sys [791288 2018-01-08] (Numecent, Inc. -> Numecent, Inc.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-03-08] (IDRIX SARL -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2020-09-10] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-03-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-21 12:07 - 2022-10-21 12:08 - 000036764 _____ C:\Users\steve\Desktop\FRST.txt
2022-10-21 12:06 - 2022-10-21 12:06 - 000000000 ____D C:\Users\steve\Desktop\FRST-OlderVersion
2022-10-21 12:04 - 2022-10-21 12:06 - 002373632 _____ (Farbar) C:\Users\steve\Desktop\FRST64.exe
2022-10-21 11:37 - 2022-10-21 11:38 - 000000000 ____D C:\Users\steve\Downloads\The.Stranger.2022.1080p.WEBRip.x265-RARBG
2022-10-21 11:37 - 2022-10-21 11:37 - 000021085 _____ C:\Users\steve\Downloads\The.Stranger.2022.1080p.WEBRip.x265-RARBG-[rarbg.to].torrent
2022-10-21 11:37 - 2022-10-21 11:37 - 000021085 _____ C:\Users\steve\Downloads\The.Stranger.2022.1080p.WEBRip.x265-RARBG-[rarbg.to] (1).torrent
2022-10-21 10:36 - 2022-10-21 10:36 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-20 09:38 - 2022-10-21 10:41 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-20 09:01 - 2022-10-20 09:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-10-20 09:01 - 2022-10-20 09:01 - 000000000 ____D C:\Program Files\qBittorrent
2022-10-17 08:10 - 2022-10-17 08:45 - 000000000 ____D C:\Users\steve\Downloads\This.England.S01.720p.WEBRip.DDP5.1.x264-B2B[rartv]
2022-10-17 08:01 - 2022-10-17 08:01 - 028396224 _____ (The qBittorrent project) C:\Users\steve\Downloads\qbittorrent_4.4.5_x64_setup (1).exe
2022-10-17 08:00 - 2022-10-17 08:01 - 028396224 _____ (The qBittorrent project) C:\Users\steve\Downloads\qbittorrent_4.4.5_x64_setup.exe
2022-10-17 08:00 - 2022-10-17 08:00 - 000026103 _____ C:\Users\steve\Downloads\This.England.S01.720p.WEBRip.DDP5.1.x264-B2B[rartv]-[rarbg.to].torrent
2022-10-17 08:00 - 2022-10-17 08:00 - 000026103 _____ C:\Users\steve\Downloads\This.England.S01.720p.WEBRip.DDP5.1.x264-B2B[rartv]-[rarbg.to] (1).torrent
2022-10-12 13:01 - 2022-10-12 13:01 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-12 07:47 - 2022-10-12 07:47 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 07:46 - 2022-10-12 07:46 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-12 07:46 - 2022-10-12 07:46 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-12 07:46 - 2022-10-12 07:46 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-12 07:45 - 2022-10-12 07:45 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-12 07:44 - 2022-10-12 07:44 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-12 07:44 - 2022-10-12 07:44 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-12 07:44 - 2022-10-12 07:44 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 07:42 - 2022-10-12 07:42 - 000000000 ___HD C:\$WinREAgent
2022-10-10 21:09 - 2022-10-10 21:09 - 000000000 ____D C:\Users\Hannah\Documents\OneNote Notebooks
2022-10-10 18:14 - 2022-10-10 18:14 - 000000020 ___SH C:\Users\Hannah\ntuser.ini
2022-10-09 14:56 - 2022-10-09 14:56 - 000000020 ___SH C:\Users\Gillian\ntuser.ini
2022-10-09 07:49 - 2022-10-09 07:49 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink AudioDirector 365.lnk
2022-10-09 07:49 - 2022-10-09 07:49 - 000002129 _____ C:\Users\Public\Desktop\CyberLink AudioDirector 365.lnk
2022-10-09 07:47 - 2022-10-09 07:47 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ColorDirector 365.lnk
2022-10-09 07:47 - 2022-10-09 07:47 - 000002125 _____ C:\Users\Public\Desktop\CyberLink ColorDirector 365.lnk
2022-10-09 07:42 - 2022-10-09 07:42 - 000002157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 365.lnk
2022-10-09 07:42 - 2022-10-09 07:42 - 000002145 _____ C:\Users\Public\Desktop\CyberLink PhotoDirector 365.lnk
2022-10-09 07:36 - 2022-10-09 07:36 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager.lnk
2022-10-09 07:36 - 2022-10-09 07:36 - 000002296 _____ C:\Users\Public\Desktop\CyberLink Application Manager.lnk
2022-10-09 03:24 - 2022-10-09 03:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-10-09 03:21 - 2022-10-09 03:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-09 03:21 - 2022-10-09 03:21 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-09 03:12 - 2022-10-09 03:12 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-09 03:10 - 2022-10-09 03:10 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-09 03:10 - 2022-10-09 03:10 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-10-09 03:09 - 2022-10-09 03:09 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-09 03:09 - 2022-10-09 03:09 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-10-09 03:07 - 2022-10-09 03:07 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-10-09 03:07 - 2022-10-09 03:07 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-10-09 03:06 - 2022-10-09 03:06 - 000000020 ___SH C:\Users\steve\ntuser.ini
2022-10-09 03:04 - 2022-10-21 11:38 - 000003506 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2022-10-09 03:04 - 2022-10-21 10:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-09 03:04 - 2022-10-20 13:19 - 000003338 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-A8920757F59B1BA85897CD3CEDA3D8AB
2022-10-09 03:04 - 2022-10-17 07:59 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-09 03:04 - 2022-10-17 07:59 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-09 03:04 - 2022-10-14 17:16 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1741543102-3776721137-2454621359-1003
2022-10-09 03:04 - 2022-10-14 17:16 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1003
2022-10-09 03:04 - 2022-10-14 17:16 - 000003340 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-4374451B1A37268CAC5AD55CB8E93C06
2022-10-09 03:04 - 2022-10-14 12:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1741543102-3776721137-2454621359-1001
2022-10-09 03:04 - 2022-10-14 12:20 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1001
2022-10-09 03:04 - 2022-10-14 06:56 - 000003338 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-E710F9D26B744BFC23F8BB83361DCD6E
2022-10-09 03:04 - 2022-10-10 18:17 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1741543102-3776721137-2454621359-1002
2022-10-09 03:04 - 2022-10-10 18:17 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1002
2022-10-09 03:04 - 2022-10-09 07:49 - 000003622 _____ C:\WINDOWS\system32\Tasks\CLToast
2022-10-09 03:04 - 2022-10-09 07:49 - 000003448 _____ C:\WINDOWS\system32\Tasks\CLToastRun
2022-10-09 03:04 - 2022-10-09 03:05 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-10-09 03:04 - 2022-10-09 03:05 - 000003852 _____ C:\WINDOWS\system32\Tasks\ACCAgent
2022-10-09 03:04 - 2022-10-09 03:05 - 000003682 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.5.22250
2022-10-09 03:04 - 2022-10-09 03:05 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-09 03:04 - 2022-10-09 03:05 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-09 03:04 - 2022-10-09 03:05 - 000002820 _____ C:\WINDOWS\system32\Tasks\ACC
2022-10-09 03:04 - 2022-10-09 03:05 - 000002770 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2022-10-09 03:04 - 2022-10-09 03:05 - 000002766 _____ C:\WINDOWS\system32\Tasks\UbtFrameworkService
2022-10-09 03:04 - 2022-10-09 03:05 - 000002630 _____ C:\WINDOWS\system32\Tasks\Acer Collection Monitor Application
2022-10-09 03:04 - 2022-10-09 03:05 - 000002596 _____ C:\WINDOWS\system32\Tasks\PowerDirectorStyleAgent
2022-10-09 03:04 - 2022-10-09 03:05 - 000002596 _____ C:\WINDOWS\system32\Tasks\Acer Collection Application
2022-10-09 03:04 - 2022-10-09 03:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-10-09 03:04 - 2022-10-09 03:05 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2022-10-09 03:04 - 2022-10-09 03:05 - 000002328 _____ C:\WINDOWS\system32\Tasks\ACCBackgroundApplication
2022-10-09 03:04 - 2022-10-09 03:05 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - steven
2022-10-09 03:04 - 2022-10-09 03:05 - 000002222 _____ C:\WINDOWS\system32\Tasks\Quick Access
2022-10-09 03:04 - 2022-10-09 03:04 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Oem
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Nero
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-09 03:04 - 2022-10-09 03:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-10-09 03:00 - 2022-10-09 03:04 - 000022863 _____ C:\WINDOWS\diagwrn.xml
2022-10-09 03:00 - 2022-10-09 03:04 - 000022863 _____ C:\WINDOWS\diagerr.xml
2022-10-09 03:00 - 2022-10-09 03:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-10-09 03:00 - 2022-10-09 03:00 - 000000000 ____D C:\Program Files\MSBuild
2022-10-09 03:00 - 2022-10-09 03:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-10-09 03:00 - 2022-10-09 03:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-10-09 02:58 - 2022-10-09 02:58 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2022-10-09 02:58 - 2022-10-09 02:58 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2022-10-09 02:57 - 2022-10-09 02:57 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-10-09 02:57 - 2022-10-09 02:57 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-10-09 02:57 - 2022-10-09 02:57 - 000000000 ____D C:\WINDOWS\addins
2022-10-09 02:52 - 2022-10-14 17:13 - 000852164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-09 02:39 - 2022-10-10 18:14 - 000000000 ____D C:\Users\Hannah
2022-10-09 02:39 - 2022-10-09 14:56 - 000000000 ____D C:\Users\Gillian
2022-10-09 02:39 - 2022-10-09 03:06 - 000000000 ____D C:\Users\steve
2022-10-09 02:39 - 2022-05-07 06:19 - 000001281 _____ C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-09 02:39 - 2022-05-07 06:19 - 000001281 _____ C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-09 02:39 - 2022-05-07 06:19 - 000001281 _____ C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-09 02:39 - 2022-05-07 06:19 - 000000407 _____ C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-09 02:39 - 2022-05-07 06:19 - 000000407 _____ C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-09 02:39 - 2022-05-07 06:19 - 000000407 _____ C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-09 02:32 - 2022-10-09 02:32 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2022-10-09 02:31 - 2022-10-21 10:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-09 02:31 - 2022-10-12 08:51 - 000649968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-08 22:10 - 2022-10-20 09:20 - 000000000 ___DC C:\WINDOWS\Panther
2022-10-08 21:38 - 2022-08-29 14:15 - 008817232 ____N (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2022-10-08 21:38 - 2022-08-29 14:15 - 001677376 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-10-08 21:38 - 2022-08-29 13:54 - 002686148 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2022-10-08 21:38 - 2020-09-10 11:15 - 000025704 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2022-10-08 21:29 - 2022-10-08 21:29 - 000002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 365.lnk
2022-10-08 21:29 - 2022-10-08 21:29 - 000002057 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 365.lnk
2022-10-08 21:16 - 2022-10-08 21:17 - 022794688 _____ C:\Users\steve\Downloads\ApplicationManager_v2107_rv217698(4.1)_STD_APM220714-01.exe
2022-10-08 20:53 - 2022-10-08 20:55 - 000000000 ____D C:\Users\steve\Downloads\Gold.Rush.S13E02.WEBRip.x264-ION10
2022-10-08 20:52 - 2022-10-08 20:56 - 000000000 ____D C:\Users\steve\Downloads\Gold.Rush.S13E01.WEBRip.x264-ION10
2022-10-08 20:47 - 2022-10-08 20:47 - 000000000 ____D C:\ProgramData\NordUpdater
2022-10-08 20:44 - 2022-10-21 10:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-09-29 14:52 - 2022-09-29 14:52 - 000000000 ____D C:\Users\Hannah\AppData\Roaming\Corel
2022-09-29 14:48 - 2022-09-29 14:48 - 000000000 ____D C:\Users\Hannah\AppData\Local\Wondershare
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-21 12:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-21 12:08 - 2021-04-21 12:31 - 000000000 ____D C:\Users\steve\AppData\Roaming\qBittorrent
2022-10-21 12:08 - 2020-01-09 09:16 - 000000000 ____D C:\FRST
2022-10-21 11:40 - 2018-10-10 20:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-21 10:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-21 10:44 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-21 10:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-21 10:43 - 2020-07-04 13:21 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-21 10:43 - 2020-07-04 13:21 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-21 10:41 - 2021-02-21 15:25 - 000000000 ____D C:\Program Files\CCleaner
2022-10-21 10:39 - 2018-10-10 22:43 - 000000000 ____D C:\Users\steve\AppData\Local\CrashDumps
2022-10-21 10:35 - 2020-11-09 16:43 - 000012288 ___SH C:\DumpStack.log.tmp
2022-10-20 13:31 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-20 13:10 - 2022-09-05 16:47 - 000011214 _____ C:\Users\Gillian\Desktop\Wedding Menu.xlsx
2022-10-20 13:01 - 2018-10-10 20:49 - 000000000 __SHD C:\Users\Gillian\IntelGraphicsProfiles
2022-10-20 09:47 - 2018-10-14 10:38 - 000000000 ____D C:\Users\steve\AppData\Local\ElevatedDiagnostics
2022-10-17 07:54 - 2020-10-30 16:03 - 000000000 ____D C:\Users\steve\AppData\Local\NordVPN
2022-10-17 07:54 - 2020-10-30 16:03 - 000000000 ____D C:\ProgramData\NordVPN
2022-10-14 17:16 - 2020-11-09 15:01 - 000002438 _____ C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-14 17:13 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-10-14 12:24 - 2018-10-23 21:09 - 000000000 ____D C:\Users\steve\AppData\Local\D3DSCache
2022-10-14 12:20 - 2021-05-13 12:22 - 000002432 _____ C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-14 12:20 - 2018-10-10 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-14 12:12 - 2018-10-10 21:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-14 07:09 - 2020-10-30 16:03 - 000000000 ____D C:\Program Files\NordVPN
2022-10-14 07:08 - 2020-10-30 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2022-10-14 00:19 - 2018-10-10 20:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-14 00:19 - 2018-10-10 20:55 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-12 09:28 - 2018-10-10 21:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 09:25 - 2018-10-10 21:45 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 08:54 - 2018-10-10 20:33 - 000000000 __SHD C:\Users\Hannah\IntelGraphicsProfiles
2022-10-12 08:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2022-10-12 08:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-12 08:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-12 08:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-12 08:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 08:42 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 08:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 08:39 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-12 08:27 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-12 08:24 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2022-10-12 08:18 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 08:18 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-10 18:52 - 2018-10-10 20:33 - 000000000 ____D C:\Users\Hannah\AppData\Local\ConnectedDevicesPlatform
2022-10-10 18:33 - 2018-10-10 20:33 - 000000000 ____D C:\Users\Hannah\AppData\Local\Packages
2022-10-10 18:27 - 2020-09-13 11:46 - 000000000 ____D C:\Users\Hannah\AppData\Local\D3DSCache
2022-10-10 18:17 - 2020-11-09 15:01 - 000002435 _____ C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-10 18:15 - 2018-07-12 18:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-10 15:15 - 2021-10-17 15:05 - 000000000 ____D C:\Users\Gillian\AppData\Local\D3DSCache
2022-10-09 15:16 - 2018-10-10 20:49 - 000000000 ____D C:\Users\Gillian\AppData\Local\Packages
2022-10-09 11:45 - 2020-10-30 16:03 - 000001780 _____ C:\Users\steve\Desktop\NordVPN.lnk
2022-10-09 09:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-10-09 07:59 - 2022-06-30 20:28 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2022-10-09 07:59 - 2018-07-12 19:13 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2022-10-09 07:59 - 2018-07-12 18:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-09 07:58 - 2018-07-12 19:12 - 000000000 ____D C:\ProgramData\install_clap
2022-10-09 07:58 - 2018-07-12 19:12 - 000000000 ____D C:\ProgramData\install_backup
2022-10-09 07:57 - 2022-04-08 14:07 - 000000000 ____D C:\Program Files\CyberLink
2022-10-09 07:49 - 2022-04-08 14:09 - 000001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Notification Center.lnk
2022-10-09 07:46 - 2018-07-12 18:26 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-09 07:41 - 2021-01-29 13:26 - 000000000 ____D C:\Users\steve\AppData\Roaming\NordPass
2022-10-09 07:36 - 2018-07-12 19:13 - 000000000 ____D C:\Program Files (x86)\CyberLink
2022-10-09 05:14 - 2018-10-10 22:17 - 000000000 ____D C:\ProgramData\Packages
2022-10-09 03:29 - 2022-06-15 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2022-10-09 03:29 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Registration
2022-10-09 03:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-09 03:29 - 2022-04-21 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-10-09 03:29 - 2022-04-14 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2022-10-09 03:29 - 2022-03-13 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-10-09 03:29 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-10-09 03:29 - 2021-05-25 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7
2022-10-09 03:29 - 2021-03-08 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt
2022-10-09 03:29 - 2021-02-21 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-10-09 03:29 - 2020-11-08 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Tools M Beta
2022-10-09 03:29 - 2020-11-06 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-10-09 03:29 - 2019-11-14 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloudpaging Player
2022-10-09 03:29 - 2019-11-14 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2022-10-09 03:29 - 2019-04-10 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-10-09 03:29 - 2018-11-10 08:46 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-10-09 03:29 - 2018-10-10 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2022-10-09 03:29 - 2018-10-10 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2022-10-09 03:29 - 2018-10-10 17:43 - 000000000 ____D C:\WINDOWS\oem
2022-10-09 03:29 - 2018-07-12 19:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2022-10-09 03:29 - 2018-07-12 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2022-10-09 03:29 - 2018-07-12 18:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-10-09 03:29 - 2018-07-12 18:38 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2022-10-09 03:28 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2022-10-09 03:28 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-10-09 03:28 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-09 03:28 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-09 03:28 - 2019-06-29 11:20 - 000000000 ____D C:\Program Files\UNP
2022-10-09 03:28 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-10-09 03:28 - 2018-07-12 18:26 - 000000000 ____D C:\Program Files\Intel
2022-10-09 03:27 - 2018-10-10 18:55 - 000000000 ____D C:\Users\steve\AppData\Local\Packages
2022-10-09 03:24 - 2022-08-10 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-10-09 03:24 - 2022-06-16 08:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
2022-10-09 03:24 - 2022-05-27 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2022-10-09 03:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Resources
2022-10-09 03:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Help
2022-10-09 03:24 - 2022-01-06 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inPixio
2022-10-09 03:24 - 2021-12-20 18:44 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-10-09 03:24 - 2021-03-03 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2022-10-09 03:24 - 2018-10-23 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2022-10-09 03:15 - 2022-05-07 06:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-10-09 03:15 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2022-10-09 03:05 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-09 03:04 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-09 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-10-09 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-10-09 02:56 - 2022-05-07 11:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-09 02:56 - 2022-05-07 11:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-09 02:56 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-09 02:56 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-09 02:56 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-09 02:56 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-09 02:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-09 02:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-09 02:56 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-09 02:45 - 2021-03-09 19:26 - 000000000 ____D C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop App
2022-10-09 02:45 - 2021-03-02 13:59 - 000000000 ____D C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2022-10-09 02:45 - 2021-01-24 17:46 - 000000000 ____D C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-10-09 02:45 - 2020-05-23 15:55 - 000000000 ____D C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-10-09 02:43 - 2021-01-06 13:49 - 000000000 ____D C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NordSec
2022-10-09 02:37 - 2022-04-04 22:08 - 000000000 ____D C:\WINDOWS\Firmware
2022-10-09 02:32 - 2020-01-10 19:16 - 000000000 __SHD C:\IntelOptaneData
2022-10-08 20:58 - 2018-07-12 19:03 - 000000000 ____D C:\Program Files (x86)\Acer
2022-10-08 20:47 - 2022-03-07 15:36 - 000000000 ____D C:\Program Files\NordUpdater
==================== Files in the root of some directories ========
2022-03-30 13:23 - 2022-03-30 13:23 - 020987948 _____ () C:\Users\steve\AppData\Local\004_Gift_To_Be_Simple.mid-compiled.wav
2022-03-30 13:24 - 2022-03-30 13:24 - 024735788 _____ () C:\Users\steve\AppData\Local\006_Smithwicks_Tavern.mid-compiled.wav
2022-03-30 13:23 - 2022-03-30 13:23 - 009547820 _____ () C:\Users\steve\AppData\Local\105_Ambient_High_Energy.mid-compiled.wav
2022-03-30 13:23 - 2022-03-30 13:23 - 033538092 _____ () C:\Users\steve\AppData\Local\106_Sweetly_Remembering.mid-compiled.wav
2022-03-30 16:52 - 2022-03-30 17:08 - 010846252 _____ () C:\Users\steve\AppData\Local\119_Club_Med.mid-compiled.wav
==================== FLock ==============================
2022-05-07 06:24 C:\WINDOWS\system32\WebThreatDefSvc
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by steven (21-10-2022 12:11:39)
Running from C:\Users\steve\Desktop
Microsoft Windows 11 Home Version 22H2 22621.674 (X64) (2022-10-09 02:06:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1741543102-3776721137-2454621359-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1741543102-3776721137-2454621359-503 - Limited - Disabled)
Gillian (S-1-5-21-1741543102-3776721137-2454621359-1003 - Limited - Enabled) => C:\Users\Gillian
Guest (S-1-5-21-1741543102-3776721137-2454621359-501 - Limited - Disabled)
Hannah (S-1-5-21-1741543102-3776721137-2454621359-1002 - Limited - Enabled) => C:\Users\Hannah
steven (S-1-5-21-1741543102-3776721137-2454621359-1001 - Administrator - Enabled) => C:\Users\steve
WDAGUtilityAccount (S-1-5-21-1741543102-3776721137-2454621359-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{353B4583-ED04-4DF2-A1D6-A5A3EF5C4EBF}) (Version: 3.2.18270.20 - Acer)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
App Explorer (HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\Host App Service) (Version: 0.273.3.707 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\Host App Service) (Version: 0.273.3.727 - SweetLabs) <==== ATTENTION
Avanquest Message (HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.16.0 - Avanquest Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{4267BC3E-35CF-4F1A-AD0F-4A4B746C19D5}) (Version: 5.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\ActiveTouchMeetingClient) (Version: 41.7.4 - Cisco Webex LLC)
Cloudpaging Player (HKLM\...\{23F6FB7C-C1E2-491B-91A1-0441D5191BC7}) (Version: 9.0.4.21424 - Numecent, Inc.)
Corel AfterShot 3 - ICA x64 (HKLM\...\{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.7 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM Content x64 (HKLM\...\{3E064BED-C9D8-4BEF-A2EE-8D67E99C3932}) (Version: 3.6 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM x64 (HKLM\...\{5059B47C-4D7B-46E9-9D7A-1E2FCF5DDBED}) (Version: 3.7.0.446 - Corel Corporation) Hidden
Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.7.0.446 - Corel Corporation)
Corel PaintShop Pro X7 (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Corel PaintShop Pro X7 (HKLM-x32\...\{17196252-8555-4E35-9C06-F743143D76D4}) (Version: 17.0.0.199 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B6C0FB43-0C9B-46E6-93E4-DF171ED80C53}) (Version: 2.15.656 - Corel corporation) Hidden
CyberLink Application Manager (HKLM-x32\...\{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 4.1.2107.0 - CyberLink Corp.)
CyberLink AudioDirector 365 (HKLM-x32\...\{D60A6FFA-B98B-4941-A079-1A42D73BEF3E}) (Version: 13.0.2106.0 - CyberLink Corp.)
CyberLink ColorDirector 365 (HKLM-x32\...\{B808A1BC-2753-42F7-9543-F46BA2CD08E2}) (Version: 11.0.2031.0 - CyberLink Corp.)
CyberLink PhotoDirector 14 (HKLM-x32\...\{EF76B1BC-DB92-4A4F-8411-849406461806}) (Version: 14.0.0922.0 - CyberLink Corp.)
CyberLink PowerDirector 365 (HKLM-x32\...\{1C2ACE6C-5C3C-45d7-8CF0-149DD8514825}) (Version: 21.0.2123.0 - CyberLink Corp.)
CyberLink PowerDirector Content Pack Premium 2 (HKLM-x32\...\{CF520E54-7DB7-4402-B581-FC0D6734D0C6}) (Version: 2 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.8216.01 - CyberLink Corp.)
CyberLink Screen Recorder 4 (HKLM-x32\...\{6819D136-7F3F-4A0D-96C1-368BE830BFDA}) (Version: 4.3.0.19614 - CyberLink Corp.)
CyberLink Shape Transitions Pack (HKLM-x32\...\{A49D8AB7-695A-4D72-BACB-A406008387BF}) (Version: 1.0 - CyberLink Corp.)
CyberLink Travel Pack 2012 (HKLM-x32\...\{66D6469F-58C2-4CFA-B562-E1632065D89A}) (Version: 2 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
EaseUS Tools M Beta 0.7.1 (HKLM-x32\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version: - EaseUS)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.3 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - )
IBM SPSS Statistics 26 (HKLM\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
ICA (HKLM-x32\...\{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation) Hidden
inPixio Photo 11 (HKLM-x32\...\{813DB0CA-56D4-4388-AD08-4306C2E042CF}) (Version: 11.0.0 - inPixio)
InPixio Photo Studio Ultimate Resource Pack version 11.1 (HKLM-x32\...\{19015B20-34CB-4C46-9388-7F7E3678C6A8}_is1) (Version: 11.1 - InPixio)
Intel® Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{B4F59074-915E-4DFE-BFD6-1B415B37AE2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{ED204DD8-2982-4B22-B077-0F70024D5FEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{4B1DEC5C-ED0A-4DD1-ADB2-FD1117FF94D7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{64A94A93-B0C4-4B16-8CDC-FDB06E8CC306}) (Version: 16.0.2.1086 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000040-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.40.0 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{18ec79fd-8f83-4e12-bfa5-80c9872cc56b}) (Version: 20.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{F70E0149-0BD0-4933-ADD0-1DC74D8F513B}) (Version: 20.40.0.1365 - Intel Corporation) Hidden
IPM_PSP_COM (HKLM-x32\...\{174F9DF8-AC60-486A-8FF4-A22831D48E0D}) (Version: 17.0.0.199 - Corel Corporation) Hidden
IPM_PSP_COM64 (HKLM\...\{17704FA2-B1D2-4D5C-A23D-BDA0D2BC9CC7}) (Version: 17.0.0.199 - Corel Corporation) Hidden
iPod Support (HKLM\...\{57D75376-1F31-4182-8EC8-31A6785ABF29}) (Version: 120.7.3.55 - Apple Inc.)
iSkysoft DVD Creator(Build 6.2.8) (HKLM-x32\...\iSkysoft DVD Creator_is1) (Version: - iSkysoft Software)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
MAGIX Fastcut (Editing templates 1) (HKLM\...\{397087AF-DB1A-4B60-84A7-436DC262CEC2}) (Version: 1.1.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (Editing templates 1) (HKLM\...\MX.{397087AF-DB1A-4B60-84A7-436DC262CEC2}) (Version: 1.1.0.0 - MAGIX Software GmbH)
MAGIX Fastcut (Editing templates 2) (HKLM\...\{B4E4BC18-102D-46D0-9A40-C42F9E7D6337}) (Version: 1.1.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (Editing templates 2) (HKLM\...\MX.{B4E4BC18-102D-46D0-9A40-C42F9E7D6337}) (Version: 1.1.0.0 - MAGIX Software GmbH)
MAGIX Fastcut (HKLM\...\{79BB86DF-723E-416A-81F2-E4F88FB71936}) (Version: 1.0.0.85 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (HKLM\...\MX.{79BB86DF-723E-416A-81F2-E4F88FB71936}) (Version: 1.0.0.85 - MAGIX Software GmbH)
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Microsoft .NET Host - 6.0.4 (x64) (HKLM\...\{E8F68286-7C62-4E7D-A28F-277FFEBC2B9D}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.4 (x64) (HKLM\...\{51701D62-C986-4508-B423-5EFE6FF708B7}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.4 (x64) (HKLM\...\{BA6DD641-C766-473C-B70A-451F96F4D88B}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{9F513024-FFAD-4466-8CF0-5348389196B8}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C521A8D8-511F-43DF-B789-7DD0B3F7363B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.26.28720 (HKLM-x32\...\{2F69FB2B-2C48-491C-B249-22C1BDCE1117}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.26.28720 (HKLM-x32\...\{31C9EB3A-5F0C-49E7-8E6C-D404E48F433D}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.4 (x64) (HKLM\...\{A0EC4CD9-836A-4D8B-BBD7-D5BC3902465C}) (Version: 48.19.39090 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.4 (x64) (HKLM-x32\...\{73e5de3a-8f61-4a4a-ac84-0d7d5c9b9b5f}) (Version: 6.0.4.31115 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nero Info (HKLM-x32\...\Nero Info) (Version: 24.5.1.12 - Nero AG)
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.19014 - Nero AG) Hidden
Nero WiFi+Transfer (HKLM-x32\...\WiFi+Transfer) (Version: 1.0.5.3 - Nero AG)
NordPass (HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\285d85e1-fc76-5a0e-ba2d-20241a7fe9d2) (Version: 2.15.11 - NordPass Team)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.73 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.1.1.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PSPPContent (HKLM-x32\...\{17289BF4-5826-447B-A20A-738044D0B3E5}) (Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{1735F0DE-B173-4116-BABC-653A12FB9238}) (Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{17511557-C430-486A-AB5A-87A8134B2613}) (Version: 17.0.0.199 - Corel Corporation) Hidden
qBittorrent 4.4.5 (HKLM-x32\...\qBittorrent) (Version: 4.4.5 - The qBittorrent project)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3009 - Acer Incorporated)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8383 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Setup (HKLM-x32\...\{17088A4E-3CF3-4F12-926D-2A9E8085B8EC}) (Version: 17.0.0.199 - Corel Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-6) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-7) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD Security (HKLM-x32\...\{327CA54B-8D15-4BE2-A4D2-868194BF7B97}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{9629d8ce-7cc4-4142-b7f8-2c003f1c6613}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinX HD Video Converter Deluxe 5.6.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Wondershare Filmora 11(Build 11.4.7.358) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)
Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-21] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4 [2022-10-14] (Acer Incorporated)
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.24.1213.0_x64__22t9g3sebte08 [2022-05-26] (AMZN Mobile LLC.) [Startup Task]
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-14] (Microsoft Corp.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.47.7.0_x64__q4d96b2w5wcc2 [2022-10-20] (Evernote) [Startup Task]
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-10-14] (Facebook Inc)
HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.51122.0_x64__8wekyb3d8bbwe [2022-05-26] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa [2022-09-14] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1590.24.221.0_x64__8xx8rvfyw5nnt [2022-09-12] (Meta) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2021-12-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2021-12-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-20] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-10-10] (Microsoft Corp.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-09] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor FREE -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.5.22.0_x64__bzg06mxvgh4fa [2022-10-14] (V3TApps)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Corporation)
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-10] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-10] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-10] (Microsoft Corporation)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-12-22] (CYBERLINK COM CORP)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2022-01-19] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3001.0_x64__48frkmn4z8aw4 [2021-01-21] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-07-07] (Realtek Semiconductor Corp)
Samsung Gallery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.PCGallery_4.9.7.0_x64__3c1yjt4zspk6g [2022-10-08] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-17] (Spotify AB) [Startup Task]
Text Reader -> C:\Program Files\WindowsApps\13542RyanTremblay.TextReader_3.1.4.0_x64__e0ywhek3s7xze [2021-01-21] (Ryan Tremblay) [MS Ad]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-12] (Microsoft Windows)
Zip Extractor Pro -> C:\Program Files\WindowsApps\38526MediaLife.ZipPlus_2.0.4.0_x86__1crh1k73ty8mg [2020-06-10] (Media Life)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe (InPixio) [File not signed]
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxDTCM.dll [2018-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\steve\Desktop\Google Photos.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg
ShortcutWithArgument: C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Photos.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg
==================== Loaded Modules (Whitelisted) =============
2022-10-14 07:08 - 2022-10-17 07:54 - 017830912 _____ () [File not signed] C:\Program Files\NordVPN\7.1.1.0\telio.DLL
2022-10-12 07:35 - 2022-10-12 07:37 - 012445184 _____ () [File not signed] C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4\AcerRegistration.dll
2018-12-03 22:19 - 2018-12-03 22:19 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2019-03-06 22:45 - 2007-09-18 17:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2019-03-06 22:45 - 2007-09-10 16:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2019-03-06 22:45 - 2006-12-26 15:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2019-03-06 22:45 - 2004-11-17 17:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2019-03-06 22:45 - 2007-09-10 16:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2019-03-06 22:45 - 2006-08-30 02:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2019-03-06 22:27 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-03-06 22:27 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\steve\Documents\Icmeler 2021.dmsm:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\steve\Documents\Icmeler Sept Oct 2021.dmsm:Roxio EMC Stream [38]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001 -> DefaultScope {35FBE913-BBDB-4FAA-B95A-3143BD4E0411} URL =
SearchScopes: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001 -> {35FBE913-BBDB-4FAA-B95A-3143BD4E0411} URL =
SearchScopes: HKU\S-1-5-21-1741543102-3776721137-2454621359-1002 -> DefaultScope {35FBE913-BBDB-4FAA-B95A-3143BD4E0411} URL =
SearchScopes: HKU\S-1-5-21-1741543102-3776721137-2454621359-1002 -> {35FBE913-BBDB-4FAA-B95A-3143BD4E0411} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\...\sharepoint.com -> hxxps://strath-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Calibre2\;C:\Program Files\dotnet\
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\steve\Pictures\Photos from S20\20200924_213048.jpg
HKU\S-1-5-21-1741543102-3776721137-2454621359-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gillian\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\newyo.jpg
DNS Servers: 103.86.96.100 - 103.86.99.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
WiFi: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® TPM Provisioning Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MyEpson Portal Service => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NeroBackItUpBackgroundService2018 => 2
MSCONFIG\Services: QASvc => 3
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RstMwService => 2
MSCONFIG\Services: RtkAudioUniversalService => 2
MSCONFIG\Services: StreamingCore => 2
MSCONFIG\Services: UEIPSvc => 3
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Endeavors Technologies JukeboxPlayer"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "EaseUS FixTool"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "electron.app.NordPass"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{524475A9-E2B2-4BB6-B111-77CB073B56C5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47CD995C-7640-4EA2-B902-E491EE6FFD90}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E6BD33FC-2DA9-494A-804A-9D6BD2689ABD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{195A09B6-FBCC-491D-B89E-F0A2227F3C00}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F7252ECA-9CFE-40E4-AD45-7D4AF3E3FA95}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{451D32A3-2AF9-47B1-9F78-3D81FF4366B2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F1BCBA6C-725B-4EFB-A614-3125EEA88A75}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A2080328-9858-41ED-A570-6F79909B4403}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F0992BB3-D7CD-4C10-96E2-A84DE53B14EB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D48F7CD0-5791-4694-B03A-46EB4458B3C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF104243-EB83-4863-8AF6-91971D2BB830}] => (Allow) C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{D4AEB729-00CE-4595-8782-6186AFD67E91}C:\program files (x86)\google\chrome\application\chrome.exe.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E5F53477-DD35-4C1A-AC5D-1EA8805EDE0D}C:\program files (x86)\google\chrome\application\chrome.exe.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{825C4112-119B-4B6D-9B9F-4405D2A47031}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D968E615-574A-450D-979C-C2D1EE629A81}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD7A1BCD-905B-499F-9DEE-6F69F7EBE363}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A468DCC4-A197-478D-A556-1959647235D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C158354D-65E7-4ACE-A1D2-9E78DF369D65}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{005D8629-9C40-4DB8-BE99-D99544A78A0F}] => (Allow) C:\Users\steve\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DAC9F25C-4833-402F-B381-DCDFA867C337}] => (Allow) C:\Users\steve\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{421624A7-B80E-4380-97CB-48E6E6DB94CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97146C7B-99B4-437A-AC64-7101B5A4C313}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BD7DCFE-22AF-4891-8DCE-19CD07655E8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC059BCF-5AFE-4F22-84C2-A1682F465CBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{66B4C281-1F99-4970-84B4-25F781A17D8E}C:\program files (x86)\google\chrome\application\chrome.exe.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{78BB51ED-5D88-48F8-817C-06FBDE65EAA0}C:\program files (x86)\google\chrome\application\chrome.exe.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5EEB7081-F60A-45BE-ADF0-2E30DBC8AD5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10827.20150.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9722F32B-89D4-46D9-8C3B-E2337F9B9FA0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{FCBA071B-62BB-4133-A9A7-D361BFA1A0BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{09EC6237-0455-4632-A697-D4D68AA27CC1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E2924F25-34C0-4626-A9C9-19DA4B24F666}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{7C5949E0-929E-4D54-A026-E04F2F4BE8C4}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{71B9035B-6E96-481F-B4D0-8879D188A65E}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{D4AA9B30-D49F-40AB-B4D0-6972C69BA846}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{D43775B1-7D82-4961-B564-BAD29245AD03}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{F7769D7A-AE6B-45E3-B473-81F59F1CF973}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{8EBD3890-585B-4E72-A392-F0248E6A25D5}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{C4B06792-EBC8-4B07-9AED-66B147D119DC}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{B0AB877D-0BC9-4591-95DF-99105791A82B}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{923C6F2D-B29D-4895-BFA1-48EB43990A10}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{A784AB41-9E8F-46F0-9E57-AF1311F23631}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{1FF9056C-18B8-4C4C-9D20-C003728090EE}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{D8CD1526-D62D-4560-B9BE-5C7DD465AF66}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{3E19D774-3AD9-40E7-8A57-3EC857B324B6}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{17D38086-9743-4EDF-A691-D604CA563BF2}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{4C5CAB28-7A10-4992-B0C9-70236A8C60A9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{762E09DF-D209-4C13-A0E4-3B1D507301E2}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{972566EC-13CB-4389-975F-449D3598E771}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F01C3573-9E22-458A-91CE-5DB8F87466B3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{95236E62-7ACB-4C8D-8E14-7BAE7CD20548}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A16E47A8-211F-4C36-8DA0-694CCD4A95CB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{38919211-491A-4399-942E-8B30C4EA6645}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [TCP Query User{1D3B44E5-7570-4F13-B04C-111E72D6FC1E}C:\users\steve\appdata\local\programs\nordpass\nordpass.exe] => (Block) C:\users\steve\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [UDP Query User{696A3737-CC6F-46FB-9216-570CEB929772}C:\users\steve\appdata\local\programs\nordpass\nordpass.exe] => (Block) C:\users\steve\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [TCP Query User{264C95F6-A57E-4E55-AF24-917262811A57}C:\users\gillian\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\gillian\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{636FC029-9E9F-4501-AA25-856A109525D5}C:\users\gillian\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\gillian\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4835A36F-04CC-4DE4-855A-821ED5A7BBED}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{95E0497F-6442-422C-A5BD-B2E5B60AD9C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{E64876CA-64B4-4268-981B-7174EC1A856D}C:\users\steve\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\steve\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [UDP Query User{46FECE41-9EA8-4721-AEB5-6B713875FF5D}C:\users\steve\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\steve\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [TCP Query User{20BBCE53-FDDF-4432-9439-48EB3077AA00}C:\users\gillian\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\gillian\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F5079F31-EED9-4BDC-95EF-AD1FBD2D6E39}C:\users\gillian\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\gillian\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4C5C5C3-C9F6-4105-812E-1EC951E5D0A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AC1911B7-9946-4256-837E-7CA77335EF4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAC6FE5D-65D6-40B9-BD6B-6A8D6F986BC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AAFC051D-59C1-4873-A2B3-2A46C7984561}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{83920D0D-992D-4C25-8E2F-BCAE452B679E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5063F36-3649-428A-B785-B4464F5DEC9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BC220C4-A45D-4DB1-9285-DDB455B8DF1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BFEE4F65-D093-4A0F-AAFB-229E399335AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{559445BB-4899-46F0-A631-9427A17EA694}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49699C77-3F09-49D7-BA80-817796B79D47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1A25E102-C8A8-4D63-93B0-16FCEB9537EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2B4F197C-2A3C-4A4C-8D1C-9943A9E9822F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B0892DD2-7D00-4DE0-A1A1-423E87CD1C83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FE674E7-5B2E-4C76-8BA9-EA10D9BC0F65}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{93A356AC-067B-4E52-BCC0-56F5C0D143E9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{0392F02B-EC02-45E4-99FC-3EA1C168A7EC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
21-10-2022 11:06:05 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/21/2022 10:39:18 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-T3QOQ8M)
Description: Faulting application name: ACEStd.exe, version: 1.1.3011.0, time stamp: 0x5a324be8
Faulting module name: KERNELBASE.dll, version: 10.0.22621.608, time stamp: 0x4769d08d
Exception code: 0xe0434352
Fault offset: 0x000000000008fb0c
Faulting process ID: 0x0x2440
Faulting application start time: 0x0x1d8e530f577e31b
Faulting application path: C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: f72e6790-f748-46ef-a841-3a29d7d94d4e
Faulting package full name:
Faulting package-relative application ID:
Error: (10/21/2022 10:39:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACEStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.DriveInfo.get_AvailableFreeSpace()
at ABEStd.HDDMonitor.WatchHDD()
at ABEStd.ABEManager.HardwareMonitorStart()
at ABEStd.ABEManager.ABEManagerInit()
at ABEStd.MainWindow..ctor()
Exception Info: System.Windows.Markup.XamlParseException
at System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri)
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1_0(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at ABEStd.App.Main()
Error: (10/20/2022 01:10:29 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-T3QOQ8M)
Description: Faulting application name: SearchHost.exe, version: 522.21701.0.0, time stamp: 0x62ed56c5
Faulting module name: ntdll.dll, version: 10.0.22621.608, time stamp: 0xf2e8a5ab
Exception code: 0xc0000005
Fault offset: 0x0000000000021d1d
Faulting process ID: 0x0x3d14
Faulting application start time: 0x0x1d8e47cf16de0ed
Faulting application path: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: 277ea7e8-09b5-4a19-b7bf-0ac9b302fe24
Faulting package full name: MicrosoftWindows.Client.CBS_1000.22634.1000.0_x64__cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (10/20/2022 01:04:43 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-T3QOQ8M)
Description: Faulting application name: ACEStd.exe, version: 1.1.3011.0, time stamp: 0x5a324be8
Faulting module name: KERNELBASE.dll, version: 10.0.22621.608, time stamp: 0x4769d08d
Exception code: 0xe0434352
Fault offset: 0x000000000008fb0c
Faulting process ID: 0x0x3704
Faulting application start time: 0x0x1d8e47c07839891
Faulting application path: C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: c8889ae7-d5fe-4a1e-b965-3adf9e639d4c
Faulting package full name:
Faulting package-relative application ID:
Error: (10/20/2022 01:04:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACEStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.DriveInfo.get_AvailableFreeSpace()
at ABEStd.HDDMonitor.WatchHDD()
at ABEStd.ABEManager.HardwareMonitorStart()
at ABEStd.ABEManager.ABEManagerInit()
at ABEStd.MainWindow..ctor()
Exception Info: System.Windows.Markup.XamlParseException
at System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri)
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1_0(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at ABEStd.App.Main()
Error: (10/20/2022 01:03:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program Cortana.exe version 4.2204.13303.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (10/20/2022 09:47:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete defragmentation on \\?\Volume{3e8256e7-77ea-4da8-858a-d26293a99623}\ because: Volumes cannot be optimised due to file system type not supported. (0x8900002F)
Error: (10/20/2022 09:38:13 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-T3QOQ8M)
Description: Faulting application name: ACEStd.exe, version: 1.1.3011.0, time stamp: 0x5a324be8
Faulting module name: KERNELBASE.dll, version: 10.0.22621.608, time stamp: 0x4769d08d
Exception code: 0xe0434352
Fault offset: 0x000000000008fb0c
Faulting process ID: 0x0x2e50
Faulting application start time: 0x0x1d8e45a1c6db426
Faulting application path: C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 34cd06fc-0a7c-4fdb-890c-dc380f19d8bf
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (10/21/2022 10:44:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (10/21/2022 10:40:36 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (10/20/2022 01:10:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (10/20/2022 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.
Error: (10/20/2022 09:56:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (10/20/2022 09:56:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (10/20/2022 09:56:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (10/20/2022 09:56:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T3QOQ8M)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2022-10-20 09:50:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-10-14 04:32:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-10-13 05:03:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-10-12 08:35:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2022-10-20 09:25:33
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.358.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2022-10-17 08:31:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.377.228.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19700.3
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2022-10-21 10:49:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-21 10:48:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. R01-C3 04/08/2020
Motherboard: Acer B36H4-AD
Processor: Intel® Core i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 70%
Total physical RAM: 8069.98 MB
Available physical RAM: 2392.96 MB
Total Virtual: 8645.98 MB
Available Virtual: 2513.93 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:465.19 GB) (Free:177.76 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive d: (Data) (Fixed) (Total:465.2 GB) (Free:458.33 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive f: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: WD Elements 2621 USB Device)
Drive g: (WD Unlocker) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF
\\?\Volume{af1a4e76-2cab-42a1-b627-2319125239c2}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.42 GB) NTFS
\\?\Volume{e98a5c0c-fd67-4cc4-8a80-21ad4146b416}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2034C532)
Partition: GPT.
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 16F2A91F)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt =======================