Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old October 20th, 2021, 05:54 PM
Simple plus Naive Simple plus Naive is offline
Senior Member
 
Join Date: Jan 2002
O/S: Windows XP Pro
Location: Ontario, Canada
Posts: 233
Takes over 15 minutes to boot up

Until recently, my desktop computer has been very slow in response. It takes over 15 minutes to boot up the system. I dare not turn it off after using it but leave it on all the time. I have McAfee installed.
Here is the specifications:

Device name DESKTOP-N1N2OEO
Processor Intel(R) Core(TM) i3-8100 CPU @ 3.60GHz 3.60 GHz
Installed RAM 8.00 GB (7.83 GB usable)
System type 64-bit operating system, x64-based processor
Pen and touch No pen or touch input is available for this display

Is there enough information?
Any help is appreciated.
Thank you very much in advance.
Reply With Quote


  #2  
Old October 22nd, 2021, 05:09 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,178
Hi Simple plus Naive,

Let's scan your system.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #3  
Old October 22nd, 2021, 05:13 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,178
Temp disable McAfee first.
Reply With Quote
  #4  
Old October 27th, 2021, 03:34 AM
Simple plus Naive Simple plus Naive is offline
Senior Member
 
Join Date: Jan 2002
O/S: Windows XP Pro
Location: Ontario, Canada
Posts: 233
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by ansel (administrator) on DESKTOP-N1N2OEO (Dell Inc. Inspiron 3670) (26-10-2021 22:13:11)
Running from C:\Users\ansel\Desktop
Loaded Profiles: ansel
Platform: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Language: English (United States) -> English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ansel\AppData\Roaming\BitTorrent\BitTorre nt.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ansel\AppData\Roaming\BitTorrent\helper\h elper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\ansel\AppData\Roaming\BitTorrent\updates\ 7.10.5_46097\bittorrentie.exe <2>
(CYBERLINK CORPORATION.) C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.39 20.0_x86__mcezb6ze687jp\Power2Go11\CLMLSvc_P2G11.e xe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler. exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler6 4.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal .inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui _dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_9a914baee86356a0\IntelCpHDCPSvc.ex e
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iig d_dch.inf_amd64_9a914baee86356a0\IntelCpHeciSvc.ex e
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ias torac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy\mcafee-security.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\csp\4.6.104.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\mmsshost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\pef\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\msc\MfeBrowserHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6 305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.1 4430.20306.0_x86__8wekyb3d8bbwe\Office16\SDXHelper .exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_no ne_7e21bc567c7ed16b\TiWorker.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_18c775e07a6aaafd\RtkAudUServ ice64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\ansel\AppData\Local\slack\app-4.20.0\slack.exe <6>
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.ex e
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64 .exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-08-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\rea ltekservice.inf_amd64_18c775e07a6aaafd\RtkAudUServ ice64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConn ectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wav esapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.ex e [1237696 2020-12-06] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81373696 2020-07-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [BitTorrent] => C:\Users\ansel\AppData\Roaming\BitTorrent\BitTorre nt.exe [2279976 2021-10-03] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9123248 2021-10-08] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [btweb] => "C:\Users\ansel\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [bt] => C:\Users\ansel\AppData\Roaming\BitTorrent\BitTorre nt.exe [2279976 2021-10-03] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [PopUpStopperFreeEdition] => E:\Programs DL\Panicware\Pop-Up Stopper Free Edition\PSFree.exe [524288 2003-04-29] (Panicware, Inc.) [File not signed]
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [Opera Browser Assistant] => C:\Users\ansel\AppData\Local\Programs\Opera\assist ant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\ansel\AppData\Local\slack\slack.exe [309568 2021-10-05] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\MountPoints2: {4665f055-21c1-11e9-a2e2-283a4d4984aa} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\MountPoints2: {58e693f5-d271-11ea-a328-283a4d4984aa} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\MountPoints2: {a7dd4f1b-28f2-11e9-a2e7-283a4d4984aa} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\DELS1PC: C:\Windows\System32\spool\prtprocs\x64\DELS1pc.dll [27648 2006-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\DELS1 Langmon: C:\WINDOWS\system32\DELS1L6.DLL [22016 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Insta ller\chrmstp.exe [2021-10-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ECC0EB6-2A2F-487B-8F35-BE05DA8B9A6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-26] (Google Inc -> Google Inc.)
Task: {0F55F6A4-185D-4DBC-A6CB-CD7BE35FB18C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4695616 2021-09-13] (McAfee, LLC -> McAfee, LLC)
Task: {1DCC3A02-9942-4920-82B6-D333D38DEFBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255648 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {326287C3-57AE-48FD-ADC7-179DDD135678} - System32\Tasks\Opera scheduled Autoupdate 1548539181 => C:\Users\ansel\AppData\Local\Programs\Opera\launch er.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)
Task: {46A10940-8BD8-429A-90EB-D428478245A2} - System32\Tasks\Opera scheduled assistant Autoupdate 1548539183 => C:\Users\ansel\AppData\Local\Programs\Opera\launch er.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\ansel\AppData\Local\Programs\Opera\ assistant" $(Arg0)
Task: {4D35DBA0-5C67-401F-9EFA-D0C3C5F33649} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4E0475C0-063D-41FF-9170-BEBB14994EA8} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0. 12.663\mcdatrep.exe [1889696 2021-01-07] (McAfee, Inc. -> McAfee, LLC.)
Task: {531902F6-76CB-4039-A5DA-BC1B54BE945F} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d663 d59caa0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-26] (Google Inc -> Google Inc.)
Task: {829AFE33-6E39-479B-972E-D85E53EFC301} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-26] (Google Inc -> Google Inc.)
Task: {88086ED0-A9C6-4151-BB09-DA5DF1E974B6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {942912BF-49AF-467F-B8B6-AAF6EB64A3F5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {9D4E8DC0-D906-40AA-B776-97B8973E2118} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255648 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E2E18D8-1672-4759-98AB-C5130EFB2FB1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110424 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2BA84BE-A36D-4B50-8CAD-D729F8CB8AB5} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {B4121A8E-B030-41D3-B1F7-5041ED3FF13D} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d663d6 bbfb9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-26] (Google Inc -> Google Inc.)
Task: {B43A0C0B-AD78-4549-AEA8-A438A09F0BEE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110424 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B95A8A7B-92AD-466D-86CF-678E553AB822} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114288 2021-08-12] (McAfee, LLC -> McAfee, LLC)
Task: {C15D4A16-2000-4351-931E-6FF6123F1496} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {D47C8DB8-7FBE-4849-B8A2-7C331A629858} - System32\Tasks\WD Discovery Service Task ansel => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryServi ce.exe [72704 2020-07-29] (Western Digital Technologies, Inc. -> )
Task: {DDCC5234-9D28-4D16-8C0A-89AB87D681F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF50E95D-6580-4B03-9702-C77E19B1CB78} - System32\Tasks\WD Device Agent Task ansel => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [717824 2020-07-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {E6C4FE32-8A35-4967-A8B7-76BDE8A680FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {ED70A5F6-A6BC-4B87-8381-8514D68BF5DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {F93DCBAA-6B7D-4A4B-A5B9-F95221836298} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{de1717e2-7e50-41da-9a54-2e842d27e274}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{fb039661-93b1-4598-823d-204fd5b066ab}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\ansel\Downloads
Edge Notifications: HKU\S-1-5-21-3346590564-2256023101-3313217200-1001 -> hxxps//play.howstuffworks.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ansel\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-19]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfeeŽ WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-10-20] [UpdateUrl:hxxps//sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-10-18] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-10-06] (McAfee, LLC -> )
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-10-06] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR Notifications: Default -> hxxps//en.savefrom.net; hxxps//news.mingpao.com; hxxps//personal.hsbc.ca; hxxps//seekingalpha.com; hxxps//time4news.net; hxxps//twitter.com; hxxps//www.680news.com; hxxps//www.facebook.com; hxxps//www.netflix.com; hxxps//www.reddit.com; hxxps//www.sephora.com; hxxps//www.youtube.com
CHR StartupUrls: Default -> "hxxp//www.680news.com/","hxxp//www.google.ca/"
CHR DefaultSearchURL: Default -> hxxps//search.yahoo.com/search?fr=mcafee&type=E211US105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps//us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafe e_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2019-01-26]
CHR Extension: (Flash Video Downloader) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlh ccpdbc [2019-05-09]
CHR Extension: (Docs) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2019-01-26]
CHR Extension: (Google Drive) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2019-01-26]
CHR Extension: (Video Downloader professional) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpin pmmpil [2021-06-19]
CHR Extension: (Sheets) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2019-01-26]
CHR Extension: (McAfeeŽ WebAdvisor) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepao oicaho [2021-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2021-10-18]
CHR Extension: (Web Safety) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlf gpjabp [2021-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-01-30]
CHR Extension: (Live Start Page - Living Wallpapers) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoom bokbbj [2021-10-18]
CHR Extension: (Gmail) - C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-10-25]
CHR Profile: C:\Users\ansel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-09]
CHR Profile: C:\Users\ansel\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

Opera:
=======
OPR Profile: C:\Users\ansel\AppData\Roaming\Opera Software\Opera Stable [2021-10-17]
OPR DefaultSuggestURL: Opera Stable -> hxxps//www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncod ing}&oe={outputEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0185561635174996mcinstcleanup; C:\ProgramData\McInstTemp0185561635174996\McInst.e xe [872896 2021-09-29] (McAfee, LLC -> McAfee, LLC)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-10-08] (Lavasoft Software Canada Inc. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Ds api.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRe medationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973040 2021-10-20] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-09-29] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [455584 2018-07-16] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.6.104.0\\McCSPServiceHost.exe [2825792 2021-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1672272 2021-09-08] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
S2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinServ ice.exe [22960 2021-10-08] (Lavasoft Software Canada Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-10-08] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 22:13 - 2021-10-26 22:21 - 000032558 _____ C:\Users\ansel\Desktop\FRST.txt
2021-10-26 22:11 - 2021-10-26 22:18 - 000000000 ____D C:\FRST
2021-10-26 22:10 - 2021-10-26 22:10 - 002310656 _____ (Farbar) C:\Users\ansel\Desktop\FRST64.exe
2021-10-25 23:15 - 2021-10-25 23:15 - 000106570 _____ C:\Users\ansel\Downloads\yb1565.app-jul00720.torrent
2021-10-18 16:30 - 2021-10-21 15:32 - 000000000 ____D C:\ProgramData\McInstTemp0172691634592609
2021-10-13 07:13 - 2021-10-13 07:13 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-13 07:13 - 2021-10-13 07:13 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-13 07:12 - 2021-10-13 07:12 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 07:12 - 2021-10-13 07:12 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-13 07:12 - 2021-10-13 07:12 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-13 07:12 - 2021-10-13 07:12 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-13 07:12 - 2021-10-13 07:12 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-13 07:11 - 2021-10-13 07:11 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-13 07:11 - 2021-10-13 07:11 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-13 07:11 - 2021-10-13 07:11 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 07:11 - 2021-10-13 07:11 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-13 07:11 - 2021-10-13 07:11 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjec ts.dll
2021-10-13 07:11 - 2021-10-13 07:11 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 06:25 - 2021-10-13 06:28 - 000000000 ___HD C:\$WinREAgent
2021-10-12 10:45 - 2021-10-12 10:45 - 000000000 _____ C:\WINDOWS\invcol.tmp
2021-10-10 22:27 - 2021-10-10 22:29 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-10-10 22:08 - 2021-10-10 22:08 - 000000938 _____ C:\Users\ansel\Desktop\JRT.txt
2021-10-10 22:05 - 2021-10-10 22:05 - 000003656 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnele vatedTask
2021-10-10 22:03 - 2021-10-10 22:03 - 000000000 ____D C:\WINDOWS\ERUNT
2021-10-10 21:37 - 2021-10-15 21:17 - 000000000 ____D C:\AdwCleaner
2021-10-08 21:17 - 2021-10-08 21:17 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-10-08 21:09 - 2021-10-08 21:09 - 000459506 _____ C:\WINDOWS\system32\perfh011.dat
2021-10-08 21:09 - 2021-10-08 21:09 - 000124278 _____ C:\WINDOWS\system32\perfc011.dat
2021-10-08 21:09 - 2021-10-08 21:07 - 000144624 _____ C:\WINDOWS\system32\perfi011.dat
2021-10-08 21:09 - 2021-10-08 21:07 - 000033402 _____ C:\WINDOWS\system32\perfd011.dat
2021-10-08 21:08 - 2021-10-08 21:08 - 000000000 ____D C:\WINDOWS\SysWOW64\ja
2021-10-08 21:08 - 2021-10-08 21:08 - 000000000 ____D C:\WINDOWS\system32\ja
2021-10-08 20:36 - 2019-10-15 13:50 - 000002060 _____ C:\WINDOWS\system32\noise.jpn
2021-10-05 22:13 - 2021-10-05 22:14 - 000039559 _____ C:\Users\ansel\Downloads\Media Release Form - JFT Online Teacher-Support Japanese Language Course.pdf
2021-10-05 22:08 - 2021-10-26 22:23 - 000000000 ____D C:\Users\ansel\AppData\Roaming\Slack
2021-10-05 22:08 - 2021-10-05 22:08 - 000002205 _____ C:\Users\ansel\Desktop\Slack.lnk
2021-10-05 22:08 - 2021-10-05 22:08 - 000000000 ____D C:\Users\ansel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Slack Technologies Inc
2021-10-05 22:08 - 2021-10-05 22:08 - 000000000 ____D C:\Users\ansel\AppData\Local\SquirrelTemp
2021-10-05 22:08 - 2021-10-05 22:08 - 000000000 ____D C:\Users\ansel\AppData\Local\slack
2021-10-05 22:07 - 2021-10-05 22:07 - 095710016 _____ (Slack Technologies Inc.) C:\Users\ansel\Downloads\SlackSetup.exe
2021-10-03 17:26 - 2021-10-03 17:28 - 010998644 _____ C:\WINDOWS\Minidump\100321-40953-01.dmp
2021-10-03 17:26 - 2021-10-03 17:26 - 1267546630 _____ C:\WINDOWS\MEMORY.DMP
2021-10-03 04:46 - 2021-10-03 04:46 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-10-03 04:46 - 2021-10-03 04:46 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-10-03 04:46 - 2021-10-03 04:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-10-03 04:45 - 2021-10-03 04:45 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-10-03 04:45 - 2021-10-03 04:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-10-03 04:45 - 2021-10-03 04:45 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-10-03 04:45 - 2021-10-03 04:45 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-10-03 04:45 - 2021-10-03 04:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-10-03 04:44 - 2021-10-03 04:44 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-10-03 04:44 - 2021-10-03 04:44 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-10-03 04:43 - 2021-10-03 04:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-10-03 04:43 - 2021-10-03 04:43 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-10-03 02:43 - 2021-10-21 15:44 - 000000000 ____D C:\Users\ansel\AppData\LocalLow\BitTorrent
2021-10-03 00:38 - 2021-10-15 00:38 - 000004464 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1548539183

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 22:26 - 2019-01-26 16:45 - 000000000 ____D C:\Users\ansel\AppData\Roaming\BitTorrent
2021-10-26 22:24 - 2021-02-11 13:51 - 000000000 ____D C:\Users\ansel\AppData\Local\BitTorrentHelper
2021-10-26 22:21 - 2019-01-26 16:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 22:18 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-26 21:49 - 2020-11-29 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-26 20:02 - 2020-12-15 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-10-26 19:52 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-26 19:52 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-26 13:47 - 2019-01-26 17:07 - 000000000 ____D C:\Users\ansel\AppData\Roaming\vlc
2021-10-26 13:46 - 2021-04-21 22:15 - 000000000 ____D C:\Users\ansel\Downloads\Drama
2021-10-26 10:30 - 2020-11-29 18:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-10-25 22:47 - 2019-01-26 16:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-25 22:47 - 2019-01-26 16:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 10:16 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-24 10:46 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-23 01:08 - 2020-06-24 21:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-23 01:08 - 2020-06-24 21:02 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-23 00:58 - 2020-11-29 18:58 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1548539181
2021-10-23 00:58 - 2019-01-26 16:46 - 000001411 _____ C:\Users\ansel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Opera Browser.lnk
2021-10-21 23:13 - 2020-09-24 22:08 - 000000000 ____D C:\Users\ansel\AppData\Local\ElevatedDiagnostics
2021-10-21 15:41 - 2020-07-29 21:25 - 000000000 ____D C:\Users\ansel\.wdc
2021-10-21 15:35 - 2020-12-25 22:07 - 000000000 __RSD C:\Users\ansel\Documents\McAfee Vaults
2021-10-21 15:33 - 2020-11-29 18:31 - 000000000 ____D C:\Users\ansel
2021-10-21 15:31 - 2020-11-29 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-21 15:31 - 2020-11-29 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-21 15:31 - 2019-01-05 06:32 - 000000000 ____D C:\Intel
2021-10-21 03:33 - 2020-11-29 18:58 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3346590564-2256023101-3313217200-1001
2021-10-21 03:33 - 2020-11-29 18:31 - 000002385 _____ C:\Users\ansel\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\OneDrive.lnk
2021-10-20 11:48 - 2020-07-29 21:26 - 000000000 ____D C:\Users\ansel\AppData\Roaming\WD Discovery
2021-10-18 17:25 - 2020-11-29 18:58 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2021-10-18 17:11 - 2019-02-22 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-18 16:33 - 2019-01-05 06:39 - 000000000 ____D C:\Program Files\Common Files\mcafee
2021-10-18 16:31 - 2020-11-29 18:58 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-10-18 16:29 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-18 15:16 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-15 05:13 - 2019-04-12 21:02 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 13:33 - 2019-01-26 16:39 - 000000000 ____D C:\Users\ansel\AppData\Local\Packages
2021-10-13 07:26 - 2020-11-29 18:25 - 000536856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 07:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-13 07:22 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-13 05:49 - 2019-01-27 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 05:31 - 2019-01-27 00:30 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-09 22:58 - 2020-11-30 13:10 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore1d6c6a91ed0f6af
2021-10-09 22:58 - 2020-11-29 18:58 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2021-10-09 22:45 - 2021-08-13 00:57 - 000000000 ___HD C:\$MfeDeepRem
2021-10-08 21:32 - 2019-01-26 16:45 - 000000000 ____D C:\Users\ansel\AppData\Local\PlaceholderTileLogoFo lder
2021-10-08 21:09 - 2020-11-29 19:43 - 000416164 _____ C:\WINDOWS\system32\prfh0404.dat
2021-10-08 21:09 - 2020-11-29 19:43 - 000125334 _____ C:\WINDOWS\system32\prfc0404.dat
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-08 21:08 - 2019-12-07 04:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-08 21:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-08 21:08 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-10-08 21:07 - 2019-12-07 04:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-08 21:07 - 2019-12-07 04:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-08 21:07 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2021-10-08 21:07 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-08 21:07 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-08 21:07 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-08 20:38 - 2019-12-07 04:51 - 000000000 ____D C:\WINDOWS\OCR
2021-10-07 20:19 - 2019-02-01 07:14 - 000000000 ____D C:\Users\ansel\AppData\Local\D3DSCache
2021-10-07 19:36 - 2020-09-18 00:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-03 17:29 - 2020-11-30 00:59 - 000000000 ____D C:\WINDOWS\Minidump
2021-10-03 11:49 - 2020-11-29 18:43 - 001329746 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-03 11:42 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-03 11:38 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-03 00:51 - 2020-11-29 18:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-03 00:14 - 2020-11-29 18:58 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A1d57d663d6bbfb9
2021-10-03 00:14 - 2020-11-29 18:58 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore1d57d663d59caa0
2021-09-28 12:02 - 2018-06-11 11:27 - 001088512 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfehidk.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000574464 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeaack.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000526336 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfefirek.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000390656 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeavfk.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000256512 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfewfpk.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000118784 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeplk.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000090048 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelamk.sys
2021-09-28 12:02 - 2018-06-11 11:27 - 000074752 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\cfwids.sys

==================== Files in the root of some directories ========

2021-04-29 21:23 - 2021-04-29 21:23 - 021109568 _____ (Bandicam Company) C:\Users\ansel\bandicut-setup.exe
2021-03-08 22:46 - 2021-03-08 22:46 - 020878552 _____ (BitTorrent, Inc.) C:\Users\ansel\btweb_installer.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #5  
Old October 27th, 2021, 03:36 AM
Simple plus Naive Simple plus Naive is offline
Senior Member
 
Join Date: Jan 2002
O/S: Windows XP Pro
Location: Ontario, Canada
Posts: 233
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by ansel (26-10-2021 22:27:00)
Running from C:\Users\ansel\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) (2020-11-29 23:59:31)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3346590564-2256023101-3313217200-500 - Administrator - Disabled)
ansel (S-1-5-21-3346590564-2256023101-3313217200-1001 - Administrator - Enabled) => C:\Users\ansel
DefaultAccount (S-1-5-21-3346590564-2256023101-3313217200-503 - Limited - Disabled)
Guest (S-1-5-21-3346590564-2256023101-3313217200-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3346590564-2256023101-3313217200-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.6.5.668 - Bandicam.com)
BitTorrent (HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC15014EA700}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1828.12.0.1151 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R39 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{8a225685-3b19-4387-b61b-830061421071}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 80.0.4170.63 (HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\Opera 80.0.4170.63) (Version: 80.0.4170.63 - Opera Software)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8409 - Realtek Semiconductor Corp.)
Slack (HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\slack) (Version: 4.20.0 - Slack Technologies Inc.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
StudioTax 2018 (HKLM-x32\...\{E3B7A312-0487-4261-B76D-1C94F2FAE38B}) (Version: 14.0.4.0 - BHOK IT Consulting)
StudioTax 2019 (HKLM-x32\...\{09F18C8B-5B39-497C-8F57-1328318241F5}) (Version: 15.0.3.0 - BHOK IT Consulting)
StudioTax 2020 (HKLM\...\{A70B000F-D049-4F42-B79E-C58A07D8995C}) (Version: 16.0.3.0 - BHOK IT Consulting Inc.)
Ummy (HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\589bbc75-bab8-5041-bad3-2b463b503e06) (Version: 1.9.64 - ITPRODUCTDEV LTD)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.10.7.2 - ) <==== ATTENTION
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WD Desktop App 2.1.0.311 (HKLM-x32\...\{b8265583-535c-49a9-9196-e2e835af56a4}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.311 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.0.251 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Web Companion (HKLM-x32\...\{a0bfeec8-1653-4846-b140-2f93e88f63a0}) (Version: 8.5.0.312 - Lavasoft)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.641 - McAfee, LLC)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2130.2 .0_x86__kgqvnymyfvs32 [2021-10-20] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_13.0.10 .0_x86__m9bz608c1b9ra [2021-10-08] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3. 0.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0. 92.0_x64__htrsf667h5kn2 [2021-10-08] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-10-08] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_ 3.10.6.0_x64__htrsf667h5kn2 [2021-10-03] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86_ _htrsf667h5kn2 [2021-08-13] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3. 10.188.0_x64__rz1tebttyb220 [2021-10-14] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64 __xbfy0k16fey96 [2021-10-08] (Dropbox Inc.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64 __6mqt6hf9g46tw [2019-01-26] (Fitbit)
IntelŽ Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1. 100.3370.0_x64__8j3eq9eme6ctt [2021-10-08] (INTEL CORP) [Startup Task]
IntelŽ Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_ 3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa [2021-10-03] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1. 7098.0_neutral__w1wdnht996qgy [2019-01-26] (LinkedIn)
McAfeeŽ Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy [2021-10-20] (McAfee LLC.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsfor Dell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-28] (CYBERLINK CORPORATION.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_ 16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_1 6051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.1 4430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook _16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPo int_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publish er_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-08] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16 051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1. 0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htr sf667h5kn2 [2021-08-06] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64_ _mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2021-10-08] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticColla ge_3.27.1.0_x64__nfy108tqq3p12 [2021-02-23] (Thumbmunkeys Ltd)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell _14.2.3708.0_x86__mcezb6ze687jp [2021-07-14] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.39 20.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15 .0.4409.0_x64__mcezb6ze687jp [2019-01-26] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001 .0_x64__rh07ty8m5nkag [2021-10-26] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0 _x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforD ell_1.1.131.0_x64__fh4rh281wavaa [2019-01-26] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: WDFSMountNotificator-wdfsconnect2017 - {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-06] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui _component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-06] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-29 21:28 - 2020-07-29 21:28 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2020-07-29 21:28 - 2020-07-29 21:28 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2020-07-29 21:28 - 2020-07-29 21:28 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dl l
2020-05-04 12:42 - 2020-05-04 12:42 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2020-04-10 19:52 - 2020-04-10 19:52 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy\e_sqlite3.dll
2021-09-09 20:33 - 2021-09-09 20:33 - 016744448 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy\mcafee-security.dll
2016-01-15 12:11 - 2003-04-29 10:41 - 000034816 _____ (Panicware, Inc.) [File not signed] E:\Programs DL\Panicware\Pop-Up Stopper Free Edition\XAHook.dll
2020-08-14 22:29 - 2020-08-14 22:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Inter op.dll
2020-07-29 21:28 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {CC6F5860-786F-4E5D-B742-CA25CE13CF2E} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=D CTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC6F5860-786F-4E5D-B742-CA25CE13CF2E} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=D CTE
SearchScopes: HKLM-x32 -> DefaultScope {CC6F5860-786F-4E5D-B742-CA25CE13CF2E} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=D CTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC6F5860-786F-4E5D-B742-CA25CE13CF2E} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=D CTE
SearchScopes: HKU\S-1-5-21-3346590564-2256023101-3313217200-1001 -> DefaultScope {CC6F5860-786F-4E5D-B742-CA25CE13CF2E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5}' -> No File
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {7A51A9CC-AC7A-49BF-BC9E-6D4D2421ADD5}' -> No File
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-10-06] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-10-06] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot %;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32 \WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\Ope nSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3346590564-2256023101-3313217200-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9039E8F5-CD1F-431D-BC67-79FFDEABAA67}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{B757B20B-900E-4B68-855B-9C5AFAECB73C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{CFB63EA0-0507-40A3-99DA-E6EF523CC95B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{BC47BB9A-A245-4B3D-9B62-6AEA9229A686}] => (Allow) C:\Users\ansel\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5CACA57C-B2B2-4987-89FD-E190C8B69754}] => (Allow) C:\Users\ansel\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A3AAB163-9C58-4312-8D95-99AB717ED27C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75594221-AC23-4154-AED7-E69C9CF1448B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC0FE08A-0702-4935-A41B-B92B682BD495}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67A3A363-2E36-4E3B-8F6D-F6930402C45E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D83A18BB-E3BB-4337-9F18-A6B3AB81E2BD}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{0CC87E6E-D1F6-4B8E-ABC3-98EC2A633168}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobi leConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMo bileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{C20375F5-DBD4-442D-9BB4-52ABEA2AB179}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB031708-3A9A-4E82-922A-D30EB45D9C6F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{128F2510-A007-44D4-8162-52F1A96862F4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71C9C07F-F618-4A20-9E94-3ED71F63F95B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99E44A1C-39AD-43D6-97A6-6FCBB6F383F3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9DB2DB7-8409-46C1-B15C-93502DE1D845}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A2B7AA00-6128-428F-BF2B-5B8CE6AB4B36}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AAD5C7CF-DBDE-44D7-A221-8350EBC3DBE4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_ x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess .exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{632C27F0-6FC8-44E7-908C-A7D0EC97AED9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4E987D2-4C8D-420B-88D7-E4E0107CAC4D}] => (Allow) C:\Users\ansel\AppData\Local\Programs\Opera\79.0.4 143.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{0E4D6C1B-DB1B-41DA-A69B-C2F1BF2D7D08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook _16051.14430.20306.0_x86__8wekyb3d8bbwe\Office16\O UTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCD5D984-F02A-4936-9218-4248B14C45EE}] => (Allow) C:\Users\ansel\AppData\Local\Programs\Opera\80.0.4 170.63\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{63FB194F-75BA-4BC3-8403-D3F1A355A6FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B7FAC059-21D8-4AC9-A15E-E2AF008D00C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2798533E-7485-43E2-B158-DF7FD5A4F026}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3852F302-3D58-483E-8D06-3C0957074138}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D603DC8-07DC-4828-9C21-70372EE4963F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

19-10-2021 19:21:10 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/26/2021 08:05:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete retrim on Dell Portable Hard Drive (E because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (10/26/2021 08:04:55 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete retrim on OS (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (10/25/2021 11:36:56 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Pop-Up Stopper Free Edition because of this error.

Program: Pop-Up Stopper Free Edition
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000026E
Disk type: 0

Error: (10/25/2021 11:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSFree.exe, version: 3.1.0.1010, time stamp: 0x3eaeb8f8
Faulting module name: PSFree.exe, version: 3.1.0.1010, time stamp: 0x3eaeb8f8
Exception code: 0xc0000006
Fault offset: 0x0000dea8
Faulting process ID: 0x13a8
Faulting application start time: 0x01d7c6bb430019ed
Faulting application path: E:\Programs DL\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
Faulting module path: E:\Programs DL\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
Report ID: 9c3e82b5-277c-4a84-bd4f-d55c4b9adcac
Faulting package full name:
Faulting package-relative application ID:

Error: (10/19/2021 01:34:03 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete retrim on Dell Portable Hard Drive (E because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (10/19/2021 01:33:42 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete retrim on OS (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (10/18/2021 11:41:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 21c0

Start Time: 01d7c45da342089f

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuE xperienceHost_cw5n1h2txyewy\StartMenuExperienceHos t.exe

Report Id: 5cfee138-fa78-43b9-bbeb-8f86e707b729

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.190 41.1023_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/18/2021 03:33:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mcafee-security.exe version 2.1.67.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 298c

Start Time: 01d7c45e0d75b1ce

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0 _x64__wafk5atnkzcwy\mcafee-security.exe

Report Id: fb88e57e-89bd-40df-8465-a677c0c30aea

Faulting package full name: 5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcw y

Faulting package-relative application ID: App

Hang type: Quiesce


System errors:
=============
Error: (10/25/2021 10:35:01 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/25/2021 10:16:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N1N2OEO)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.

Error: (10/24/2021 09:34:57 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/21/2021 03:48:01 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/21/2021 03:47:53 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/21/2021 03:47:33 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/21/2021 03:47:32 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (10/21/2021 03:46:55 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.


Windows Defender:
================
Date: 2021-04-10 03:00:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-04-10 01:03:02
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.335.531.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18000.5
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2021-04-10 00:58:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.453.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-04-10 00:52:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.453.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2021-04-10 00:52:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.327.453.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17600.5
Error code: 0x80240022
Error description: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2021-10-26 21:55:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\mcafee.com\agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-10-26 21:55:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\mcafee\platform\core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-10-26 21:55:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.5.9 10/09/2018
Motherboard: Dell Inc. 0H4VK7
Processor: Intel(R) Core(TM) i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 87%
Total physical RAM: 8018.38 MB
Available physical RAM: 1032.91 MB
Total Virtual: 12342.44 MB
Available Virtual: 2063.21 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.4 GB) (Free:178.65 GB) NTFS
Drive e: (Dell Portable Hard Drive) (Fixed) (Total:1863.01 GB) (Free:147.3 GB) NTFS

\\?\Volume{5246f91b-05b3-4446-965d-e0262a5f65f4}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{92aaff4f-345f-438a-afb9-49d3a45956fe}\ (Image) (Fixed) (Total:11.26 GB) (Free:0.21 GB) NTFS
\\?\Volume{cdea561f-4abf-4c15-8fdd-0df8fb7d25c2}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.26 GB) NTFS
\\?\Volume{d05e81ea-e0ad-4f9e-8289-9d8d613b4772}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 931.5 GB) (Disk ID: E3650682)

Partition: GPT.

================================================== ========
Disk: 1 (Size: 1863 GB) (Disk ID: 527985AC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Reply With Quote
  #6  
Old October 28th, 2021, 12:33 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,178
BitTorrent is your problem there. It runs at startup and tries to connect to the web, and is a prime source of malware.


In the search box on the taskbar, type Control Panel and select it from the results. Select Programs > Programs and Features. Press and hold (or right-click) on the program you want to remove and select Uninstall or Uninstall/Change.

BitTorrent
Web Companion (undesirable software).

Reboot after.
Reply With Quote
  #7  
Old October 29th, 2021, 02:15 AM
Simple plus Naive Simple plus Naive is offline
Senior Member
 
Join Date: Jan 2002
O/S: Windows XP Pro
Location: Ontario, Canada
Posts: 233
I need BitRorrent on this computer.
Is there a way I can stop it from running at startup and launch it whenever I want to?
Thank you.
Reply With Quote
  #8  
Old October 29th, 2021, 02:31 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,178
Need? Torrent software is for stealing software. Uninstall it.
Reply With Quote
  #9  
Old October 31st, 2021, 03:53 AM
Simple plus Naive Simple plus Naive is offline
Senior Member
 
Join Date: Jan 2002
O/S: Windows XP Pro
Location: Ontario, Canada
Posts: 233
ok. I will. Thank you for your help.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 05:58 AM.