Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: NSA shares zero-trust guidance to limit adversaries on the network

Featured Deal: Enjoy quick, compatible data transfers with this $59.99 portable SSD

Latest Buyer's Guide: Hotspot Shield VPN review

can't get rid of Trojans: Wacatac.B!ml and Phonzy.B!ml

Started by FlaxenV , Feb 26 2024 05:10 PM

Next

Please log in to reply

32 replies to this topic

#1 FlaxenV

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 26 February 2024 - 05:10 PM

Hello,

Problem: Microsoft Defender is identifying 2 Trojan threats within several files. When I try to remove and/or quarantine using Defender nothing happens and the threat remains. I regularly run Malware Bytes and it is not picking up any issues. I ran AdwCleaner since receiving these warnings and it didn’t pick up anything either.

Background:

I am the sole user of the computer and have 3 user profiles to keep work and personal separate.

I received an email from Microsoft Defender stating that I had a security problem. I ignored it assuming it was spam as I have never received alerts from Microsoft previously and there were no warnings on my computer. However, I continued getting these alerts and then went into Security and could see the alert notifications referencing the threats and associated files. The files were supposedly in the temp folder and were pdfs. I am not sure if this is a false positive since I couldn’t find the files. At this point I have tried a few things that primarily involved uninstalling recently downloaded software (eg. updated Brother printer utility that had a lot of bloatware) and haven't had any luck.

Please let me know if you need any further information or if I have not follwed instructions correctly. Thank you!

Logs pasted below.

--------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
Ran by jenfr (administrator) on XPS15 (Dell Inc. XPS 15 9520) (26-02-2024 15:15:38)
Running from C:\Users\jenfr\Downloads\FRST64.exe
Loaded Profiles: jenfr & CBT_MKE
Platform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\87.0.2.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_helper.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (Qisda Corporation -> Dell Inc.) C:\Program Files\Dell\Dell Display Manager 2\DDM.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_346bd04e375689ec\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_734897ab1d4f1106\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_90ff6c7fe29f9dcf\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3fdff41f99f01256\Display.NvContainer\NVDisplay.Container.exe <3>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <5>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(services.exe ->) (Texas Instruments Inc. -> Texas Instuments) C:\Windows\System32\TISmartAmpService.exe <2>
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_d4eabf4492fbb4d5\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_d4eabf4492fbb4d5\WavesSysSvc64.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_d4eabf4492fbb4d5\WavesSvc64.exe [5147784 2023-04-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [I17A] => C:\WINDOWS\twain_32\Brimi17a\Common\TwDsUiLaunch.exe [86128 2020-03-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\Run: [MicrosoftEdgeAutoLaunch_D3A6C3E91BD871936DC5E531BD1851E5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-883358396-3808688255-3020804061-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883358396-3808688255-3020804061-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-883358396-3808688255-3020804061-1002\...\Run: [MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883358396-3808688255-3020804061-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-883358396-3808688255-3020804061-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-883358396-3808688255-3020804061-1003\...\Run: [MicrosoftEdgeAutoLaunch_840607CA24A5D0C24227941372696879] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-26] (Google LLC -> Google, Inc.)
Startup: C:\Users\jenfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-05-12]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
Startup: C:\Users\jenfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-02-11]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3227B638-B8A6-40A8-83AD-794C71C7F449} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {5D041810-97D2-4EA6-934E-1733CC0BB845} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-05-17] (Google LLC -> Google LLC)
Task: {55BE7223-3F37-446B-895E-25F560226D1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-05-17] (Google LLC -> Google LLC)
Task: {78364180-D466-4D18-BFD1-DBBD2156E348} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B0474E3-839C-471B-A191-F35E2FB21983} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8BE30A7-1D86-46AC-B9E5-B0B696A70622} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF03F752-5B41-4D45-BB3A-141849404F20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4598E73D-40C9-4C4B-BC23-44F17B6099A3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {50F32D3E-D56E-4195-B2FB-A6BE31A33802} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37F713F0-AA6B-4D28-B5B4-371180EF7E9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F14CEF8-8471-44A4-8055-9C2077268A15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E958038-74C6-467C-B637-411001DB902D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {08221277-2463-4F39-A88D-27DD758F6523} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {06AA380A-0732-42CD-AECD-9FDE5C07F53B} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-883358396-3808688255-3020804061-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {42295D81-B8C7-4D66-A5D8-01484F43218C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-883358396-3808688255-3020804061-1002 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {258934B9-7825-4AA6-A94F-7312412CEE8C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-883358396-3808688255-3020804061-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7C9F7FB2-81F4-4728-97AE-2E26E3343781} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {C77AB6C0-B0CC-48DB-9307-AAD139861E27} - System32\Tasks\MyDell.Updater => %ProgramFiles%\Dell\MyDell\Updater\MyDell.Updater.exe (No File)
Task: {F1A59870-76DB-457E-BE36-F6EC820CF2DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D8A2D1A8-0426-4529-95C1-980B4EEBE8E7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D823D0B-EBD3-4D17-8C2D-2ABCBB0397B4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03304366-E18E-4CAD-866E-AAFFC3023C20} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9264D698-301E-4F03-A98E-F77097BEC79D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF68D83A-4ADF-4D7F-9855-22F25E59CE36} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFB335BD-4FCA-4120-AC32-16E7CAF82D47} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AC51A07-219D-4E05-84A5-6F050B031A66} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A0A089-09ED-4D19-8BE5-EE35F7FAF597} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B602E62-3A48-4691-B9CC-3D333CC6B0AC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA08AD32-FC12-4C80-9921-73622163C669} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C7D0F7F-2F3A-4443-AE9C-7972F1B9DFF8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {79BBF1F3-49F2-46A0-8B73-B12C3404B006} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\14E6F64697E6560234F666665656D2745756374775966496: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\14E6F64697E6560234F666665656D2745756374775966496: [DhcpNameServer] 10.5.50.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\36F6C65636479667F6: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\36F6C65636479667F6: [DhcpNameServer] 208.67.222.123 208.67.220.123
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\36F6C65636479667F6: [DhcpDomain] localdomain
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\64C6168756E686F6666623E243: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\64C6168756E686F6666623E243: [DhcpNameServer] 192.168.48.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\64C6168756E686F6666623E243: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\D405C475942554C4543535: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\D405C475942554C4543535: [DhcpNameServer] 10.101.8.10
Tcpip\..\Interfaces\{76675811-5d92-43df-8de8-79eb90cacd06}\D405C475942554C4543535: [DhcpDomain] mpl.org

Edge:
=======
Edge Profile: C:\Users\jenfr\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-26]
Edge Extension: (Google Docs Offline) - C:\Users\jenfr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\jenfr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-26]

FireFox:
========
FF DefaultProfile: usi9fye1.default
FF ProfilePath: C:\Users\jenfr\AppData\Roaming\Mozilla\Firefox\Profiles\usi9fye1.default [2023-04-25]
FF ProfilePath: C:\Users\jenfr\AppData\Roaming\Mozilla\Firefox\Profiles\5iw0amtv.default-release [2024-02-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2022-01-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-10-26] (Dell Inc -> )
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe [546416 2022-12-19] (Intel Corporation -> Intel Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_29fd1afabcf5470c\AS\IAS\IntelAudioService.exe [530520 2023-10-18] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_uf.exe [2781312 2022-12-13] (Intel Corporation -> Intel Corporation)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-07-13] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-07-13] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-07-13] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-29] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3fdff41f99f01256\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
R2 SessionSvc; C:\WINDOWS\System32\drivers\GoodixSessionService.exe [45344 2023-12-15] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R2 TISmartAmpService; C:\WINDOWS\System32\TISmartAmpService.exe [537344 2022-02-07] (Texas Instruments Inc. -> Texas Instuments)
R2 WavesAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_d4eabf4492fbb4d5\WavesAudioService.exe [160904 2023-04-26] (Waves Inc -> Waves Audio Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellPairDriver; C:\WINDOWS\System32\drivers\DellPairDriver.sys [74136 2022-12-05] (IndiLogic LLC -> Dell Inc.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_5559a053c66c287c\iaLPSS2_GPIO2_ADL.sys [139928 2021-12-09] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1c06c20c35bb4d6d\iaLPSS2_I2C_ADL.sys [209552 2021-12-09] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_cffe3669158cf91b\iaLPSS2_SPI_ADL.sys [160920 2021-12-09] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_a12d81aa08d530a8\iaLPSS2_UART2_ADL.sys [318616 2021-12-09] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1605296 2022-09-16] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_bc398e7169495415\IntcUSB.sys [922712 2023-10-18] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88776 2022-06-23] (Intel Corporation -> Intel Corporation)
S3 Intel_NF_I2C; C:\WINDOWS\System32\DriverStore\FileRepository\intel_nf_i2c_child.inf_amd64_a329fd450939b60d\Intel_NF_I2C.sys [222856 2022-12-13] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_6808233353fa1d56\ipf_acpi.sys [87168 2022-12-13] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_cpu.sys [80512 2022-12-13] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_07e81e065fff923d\ipf_lf.sys [445056 2022-12-13] (Intel Corporation -> Intel Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-07-13] (Intel Corporation -> Rivet Networks, LLC.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl88110e0a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8E001661-D7AD-4E68-8C3D-72F7CDE724B9}\MpKslDrv.sys [272664 2024-02-26] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-04-08] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [235016 2024-02-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rtu53cx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtu53cx22x64sta.inf_amd64_0a6b2668b96622b9\rtu53cx22x64.sys [887688 2023-03-16] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-06] (Microsoft Windows -> Realtek Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WiManHu; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_e8edc74538613ea4\WiManHu\WiManHu.sys [211624 2023-12-18] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-26 15:15 - 2024-02-26 15:15 - 000000000 ____D C:\Users\jenfr\Downloads\FRST-OlderVersion
2024-02-26 15:12 - 2024-02-26 15:12 - 000000000 ___HD C:\OneDriveTemp
2024-02-26 13:02 - 2024-02-26 13:02 - 008797968 _____ (Malwarebytes) C:\Users\jenfr\Downloads\adwcleaner(1).exe
2024-02-25 15:43 - 2024-02-25 15:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-02-25 15:38 - 2024-02-17 05:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-25 15:38 - 2024-02-17 05:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-25 15:38 - 2024-02-17 05:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-25 15:38 - 2024-02-17 05:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-25 15:38 - 2024-02-17 05:38 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-25 15:38 - 2024-02-17 05:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-25 15:38 - 2024-02-17 05:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-25 15:38 - 2024-02-17 05:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-25 15:38 - 2024-02-17 05:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-25 15:38 - 2024-02-17 05:38 - 001227296 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-25 15:38 - 2024-02-17 05:35 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-25 15:38 - 2024-02-17 05:35 - 000669816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-25 15:38 - 2024-02-17 05:35 - 000505456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 002173448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 001541640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 001024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-25 15:38 - 2024-02-17 05:34 - 000842272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-25 15:38 - 2024-02-17 05:34 - 000786952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 016033824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 012928032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 003721760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-25 15:38 - 2024-02-17 05:33 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-25 15:38 - 2024-02-17 05:32 - 005912712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-25 15:38 - 2024-02-17 05:32 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-25 15:38 - 2024-02-17 05:31 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-25 15:38 - 2024-02-15 10:42 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-21 10:35 - 2024-02-21 10:35 - 001213795 _____ C:\Users\CBT_MKE\Downloads\August-6-Teleseminar.pdf
2024-02-20 17:32 - 2024-02-20 17:32 - 000000383 _____ C:\Users\jenfr\Downloads\Backup-codes-jen.francis1.txt
2024-02-20 17:28 - 2024-02-20 17:29 - 000046757 _____ C:\Users\jenfr\Downloads\Addition.txt
2024-02-20 17:27 - 2024-02-26 15:16 - 000033248 _____ C:\Users\jenfr\Downloads\FRST.txt
2024-02-20 17:25 - 2024-02-26 15:15 - 000000000 ____D C:\FRST
2024-02-20 17:20 - 2024-02-26 15:15 - 002386944 _____ (Farbar) C:\Users\jenfr\Downloads\FRST64.exe
2024-02-20 14:50 - 2024-02-20 14:51 - 008797968 _____ (Malwarebytes) C:\Users\jenfr\Downloads\adwcleaner.exe
2024-02-20 13:41 - 2024-02-20 14:33 - 000553642 _____ C:\WINDOWS\ntbtlog.txt
2024-02-20 13:41 - 2024-02-20 13:41 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-20 13:24 - 2024-02-20 13:24 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\48efb6e00dfe354ed4139123e9b35089d2d86424274e14250c30b27cae920926
2024-02-20 13:24 - 2024-02-20 13:24 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0
2024-02-20 12:07 - 2024-02-20 12:07 - 000000000 ____D C:\Users\Boss\AppData\Local\mbam
2024-02-20 12:00 - 2024-02-20 12:43 - 000025438 _____ C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 12:00 - 2024-02-20 12:00 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b
2024-02-20 11:58 - 2024-02-20 11:58 - 000144867 _____ C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-20 11:58 - 2024-02-20 11:58 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-20 11:57 - 2024-02-20 11:57 - 000011196 _____ C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847
2024-02-20 11:57 - 2024-02-20 11:57 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e
2024-02-20 11:03 - 2024-02-20 11:05 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676
2024-02-20 11:03 - 2024-02-20 11:03 - 000026462 _____ C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9
2024-02-20 09:45 - 2024-02-20 09:46 - 000000000 ____D C:\AdwCleaner
2024-02-20 09:23 - 2024-02-20 11:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-19 22:25 - 2024-02-19 22:25 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Mozilla
2024-02-19 22:25 - 2024-02-19 22:25 - 000000000 ____D C:\Users\Boss\AppData\Local\Mozilla
2024-02-19 22:24 - 2024-02-19 22:24 - 000000000 ____D C:\Users\Boss\AppData\LocalLow\NVIDIA
2024-02-19 19:00 - 2024-02-26 10:34 - 000000000 ____D C:\Users\jenfr\AppData\LocalLow\IGDump
2024-02-19 12:33 - 2024-02-26 14:47 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-19 12:33 - 2024-02-26 13:23 - 000031209 _____ C:\Users\jenfr\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-19 10:01 - 2024-02-19 10:01 - 000028883 _____ C:\Users\CBT_MKE\Downloads\Back-up codes CBT-1.pdf
2024-02-18 20:03 - 2024-02-18 20:03 - 000060658 _____ C:\Users\CBT_MKE\Downloads\Untitled document-2.pdf
2024-02-17 17:02 - 2024-02-17 17:02 - 000064721 _____ C:\Users\CBT_MKE\Downloads\Stream & mirror files with Drive for desktop.pdf
2024-02-17 13:11 - 2024-02-17 13:11 - 000091734 _____ C:\Users\CBT_MKE\Downloads\Device management security checklist-1.pdf
2024-02-17 13:04 - 2024-02-17 13:04 - 000089325 _____ C:\Users\CBT_MKE\Downloads\Device management security checklist.pdf
2024-02-17 11:40 - 2024-02-17 11:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-13 15:05 - 2024-02-13 15:05 - 000023632 _____ C:\Users\jenfr\OneDrive\Desktop-OLD\accounts_2024.xlsx
2024-02-12 15:32 - 2024-02-12 15:32 - 000079474 _____ C:\Users\CBT_MKE\Downloads\2024_ Telepsych Informed Consent .pdf
2024-02-12 14:08 - 2024-02-12 14:08 - 000000000 ____D C:\Users\CBT_MKE\AppData\Roaming\PowerENGAGE
2024-02-12 13:16 - 2024-02-12 13:16 - 000000000 ____D C:\Users\jenfr\AppData\Local\Brother_Industries,_Ltd
2024-02-12 13:04 - 2024-02-12 13:04 - 000000000 ____D C:\Users\CBT_MKE\AppData\Local\Brother_Industries,_Ltd
2024-02-12 13:03 - 2024-02-12 13:04 - 000000000 ____D C:\Users\CBT_MKE\AppData\Roaming\Brother
2024-02-12 13:03 - 2024-02-12 13:03 - 000000000 ____D C:\Users\CBT_MKE\AppData\Local\Brother
2024-02-12 09:22 - 2024-02-12 09:22 - 000000000 ____D C:\Users\CBT_MKE\AppData\Roaming\ControlCenter4
2024-02-12 08:14 - 2024-02-12 08:14 - 000164043 _____ C:\Users\jenfr\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-12 08:14 - 2024-02-12 08:14 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-12 08:14 - 2024-02-12 08:14 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\FLEXnet
2024-02-12 08:10 - 2024-02-12 08:10 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\Zeon
2024-02-11 21:30 - 2024-02-11 21:30 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\ControlCenter4
2024-02-11 20:31 - 2024-02-26 15:03 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\Brother
2024-02-11 20:31 - 2024-02-11 20:31 - 000000000 ____D C:\Users\jenfr\AppData\Local\Brother
2024-02-11 20:08 - 2024-02-11 20:08 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\PowerENGAGE
2024-02-11 20:07 - 2024-02-20 11:50 - 000000000 ____D C:\ProgramData\Nuance
2024-02-11 20:07 - 2024-02-20 11:48 - 000000000 ____D C:\ProgramData\ScanSoft
2024-02-11 20:07 - 2024-02-11 20:31 - 000000000 ____D C:\Users\jenfr\AppData\Local\Nuance
2024-02-11 20:07 - 2024-02-11 20:07 - 000000000 ____D C:\ProgramData\zeon
2024-02-11 20:07 - 2024-02-11 20:07 - 000000000 ____D C:\ProgramData\Macrovision
2024-02-11 20:07 - 2024-02-11 20:07 - 000000000 ____D C:\ProgramData\FLEXnet
2024-02-11 20:03 - 2024-02-11 21:30 - 000000000 ____D C:\ProgramData\ControlCenter4
2024-02-11 20:03 - 2024-02-11 20:22 - 000000000 ____D C:\Program Files (x86)\PC-FAXReceive
2024-02-11 20:03 - 2024-02-11 20:10 - 000000000 ____D C:\Program Files (x86)\Browny02
2024-02-11 20:03 - 2024-02-11 20:09 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2024-02-11 20:03 - 2024-02-11 20:03 - 000000000 ____D C:\ProgramData\PCFaxTx
2024-02-11 20:03 - 2024-02-11 20:03 - 000000000 ____D C:\ProgramData\PCFaxRx
2024-02-11 20:03 - 2024-02-11 20:03 - 000000000 ____D C:\Program Files (x86)\RemoteSetup
2024-02-11 20:03 - 2024-02-11 20:03 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2024-02-11 20:03 - 2017-12-26 13:13 - 000318464 _____ ( ) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll
2024-02-11 20:03 - 2017-12-26 13:13 - 000000000 _____ C:\WINDOWS\Brpfx04a.ini
2024-02-11 20:02 - 2024-02-26 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2024-02-11 20:02 - 2024-02-11 20:02 - 000002811 _____ C:\WINDOWS\BRRBCOM.INI
2024-02-11 20:02 - 2018-11-12 11:25 - 000091648 _____ () C:\WINDOWS\system32\BrNetSti.dll
2024-02-11 20:02 - 2018-03-15 17:54 - 000252928 _____ () C:\WINDOWS\system32\NSSRH64.dll
2024-02-11 20:02 - 2018-03-15 17:54 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2024-02-11 20:02 - 2018-03-15 17:54 - 000072192 _____ () C:\WINDOWS\system32\BrWiaNCp.dll
2024-02-11 20:02 - 2018-03-15 17:54 - 000065024 _____ () C:\WINDOWS\system32\Brnsplg.dll
2024-02-11 20:01 - 2024-02-12 13:04 - 000000000 ____D C:\ProgramData\Brother
2024-02-11 20:00 - 2024-02-26 15:03 - 000000000 ____D C:\Program Files (x86)\Brother
2024-02-09 17:05 - 2024-02-09 17:06 - 000000000 ____D C:\Users\CBT_MKE\special
2024-02-09 17:04 - 2024-02-09 17:04 - 000000383 _____ C:\Users\CBT_MKE\Downloads\Backup-codes-admin2.txt
2024-02-08 18:07 - 2024-02-08 18:07 - 000026505 _____ C:\Users\CBT_MKE\Downloads\Back-up codes CBT.pdf
2024-02-08 16:04 - 2024-02-08 16:04 - 000427850 _____ C:\Users\CBT_MKE\Downloads\2-Step Verification GW.pdf
2024-02-07 19:27 - 2024-02-07 19:27 - 000000174 ____R C:\Users\jenfr\OneDrive\XPS13\OFFICE.url
2024-02-07 10:27 - 2024-02-07 10:27 - 000063342 _____ C:\Users\CBT_MKE\Downloads\Invoice 1004.pdf
2024-02-06 14:56 - 2024-02-06 14:56 - 000108385 _____ C:\Users\CBT_MKE\Downloads\PPRPInformedconsentToomuchofagoodthingornotenough.pdf
2024-02-05 17:58 - 2024-02-05 17:58 - 000088128 _____ C:\Users\CBT_MKE\Downloads\NPP_2024_V3.pdf
2024-02-05 17:52 - 2024-02-05 17:52 - 000678672 _____ C:\Users\CBT_MKE\Downloads\45 CFR Part 164 SECURITY PRIVACY.pdf
2024-02-05 14:02 - 2024-02-05 14:02 - 000106146 _____ C:\Users\CBT_MKE\Downloads\IPLUM CHEATSHEET-1.pdf
2024-02-05 13:45 - 2024-02-05 13:45 - 000104429 _____ C:\Users\CBT_MKE\Downloads\IPLUM CHEATSHEET.pdf
2024-02-02 12:59 - 2024-02-02 12:59 - 000206347 _____ C:\Users\CBT_MKE\Downloads\BOIR-1.pdf
2024-02-02 12:57 - 2024-02-02 12:57 - 000457622 _____ C:\Users\CBT_MKE\Downloads\BOIR_Filing_Instructions.pdf
2024-02-02 12:48 - 2024-02-02 12:48 - 000206347 _____ C:\Users\CBT_MKE\Downloads\BOIR.pdf
2024-02-01 14:49 - 2024-02-01 14:49 - 000042222 _____ C:\Users\CBT_MKE\Downloads\customForm-38689566.pdf
2024-02-01 14:25 - 2024-02-09 17:07 - 000000128 _____ C:\Users\CBT_MKE\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-01 14:25 - 2024-02-09 17:04 - 000023390 _____ C:\Users\CBT_MKE\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-01 14:25 - 2024-02-01 14:25 - 000013111 _____ C:\Users\CBT_MKE\Downloads\Template NOTICE OF PRIVACY PRACTICES.txt
2024-02-01 13:29 - 2024-02-01 13:29 - 000446037 _____ C:\Users\CBT_MKE\Downloads\d41586-024-00240-3.pdf
2024-02-01 11:46 - 2024-02-01 11:46 - 000002260 _____ C:\Users\CBT_MKE\AppData\LocalLow\e7cc40f51e4c3980d50372beb28d8d931dd6df11132245b06d72bea14a9bee18
2024-01-31 19:30 - 2024-01-31 19:30 - 000146837 _____ C:\Users\CBT_MKE\Downloads\cloud identity.pdf
2024-01-31 17:19 - 2024-01-31 17:19 - 000137258 _____ C:\Users\CBT_MKE\Downloads\USER ADMIN GW.pdf
2024-01-31 16:16 - 2024-01-31 16:16 - 000427848 _____ C:\Users\CBT_MKE\Downloads\Untitled document-1.pdf
2024-01-31 12:44 - 2024-01-31 12:44 - 000145978 _____ C:\Users\CBT_MKE\Downloads\3RD PARTY APPS.pdf
2024-01-29 18:30 - 2024-01-29 18:30 - 007208773 _____ C:\Users\CBT_MKE\Downloads\2023-0811-speaker-slides-part-1-intro.pdf
2024-01-29 18:30 - 2024-01-29 18:30 - 003351102 _____ C:\Users\CBT_MKE\Downloads\2023-0811-speaker-slides-part-2-body-image.pdf
2024-01-29 09:22 - 2024-01-29 09:22 - 000000533 _____ C:\Users\CBT_MKE\Downloads\Chase7359_Activity_20240129.CSV
2024-01-29 09:19 - 2024-01-29 09:19 - 000232383 _____ C:\Users\CBT_MKE\Downloads\20231221-statements-8448-.pdf
2024-01-29 09:04 - 2024-01-29 09:05 - 000000754 _____ C:\Users\CBT_MKE\Downloads\Chase8448_Activity20240101_20240129_20240129.CSV
2024-01-27 11:14 - 2024-01-27 11:14 - 000002260 _____ C:\Users\jenfr\AppData\LocalLow\126014fef63f2dff36f1fc26cfb7c085ebf4ea9543a703cfe75d5e45d8607cb2

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-26 15:15 - 2023-04-14 17:15 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-26 15:14 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-26 15:13 - 2023-05-17 15:49 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-26 15:13 - 2023-04-17 13:51 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-26 15:12 - 2024-01-24 16:27 - 000025438 _____ C:\Users\jenfr\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-26 15:12 - 2023-05-15 10:00 - 000000000 ____D C:\Users\CBT_MKE\AppData\Local\Malwarebytes
2024-02-26 15:12 - 2023-05-12 11:48 - 000000000 ____D C:\Users\jenfr\AppData\Local\Malwarebytes
2024-02-26 15:12 - 2023-04-14 16:15 - 000000000 ___RD C:\Users\jenfr\OneDrive
2024-02-26 15:12 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-26 15:12 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-26 15:11 - 2024-01-24 16:37 - 000016781 _____ C:\Users\CBT_MKE\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-26 15:11 - 2023-05-30 10:33 - 000000000 ____D C:\Users\CBT_MKE\dell display manager
2024-02-26 15:11 - 2023-05-22 09:39 - 000000000 ___RD C:\Users\CBT_MKE\My Drive
2024-02-26 15:11 - 2023-04-14 17:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-26 15:11 - 2023-04-14 17:14 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-26 15:11 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-26 15:11 - 2022-05-06 23:17 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2024-02-26 15:08 - 2023-04-14 16:13 - 000000000 ____D C:\Users\jenfr\AppData\Local\D3DSCache
2024-02-26 15:05 - 2023-04-14 16:13 - 000000000 ____D C:\Users\jenfr\AppData\Local\Packages
2024-02-26 15:05 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-26 15:03 - 2023-03-26 06:41 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-26 15:01 - 2023-04-18 08:10 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\Microsoft\Word
2024-02-26 14:55 - 2023-04-14 16:08 - 000000000 ___SD C:\Users\jenfr\AppData\Roaming\Microsoft\Credentials
2024-02-26 14:17 - 2023-04-27 12:33 - 000000000 ___SD C:\Users\CBT_MKE\AppData\Roaming\Microsoft\Credentials
2024-02-26 13:33 - 2023-04-27 16:22 - 000000000 ____D C:\Users\jenfr\AppData\Roaming\Microsoft\Excel
2024-02-26 13:05 - 2023-04-14 16:13 - 000000000 ____D C:\Users\jenfr\AppData\Local\NVIDIA
2024-02-26 12:53 - 2023-05-12 15:55 - 000000000 ____D C:\Users\jenfr\dell display manager
2024-02-26 12:53 - 2023-04-14 15:24 - 000804932 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-26 12:53 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-26 12:46 - 2023-04-14 17:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-26 09:29 - 2023-04-19 10:51 - 000000000 ____D C:\Users\jenfr\AppData\Local\CrashDumps
2024-02-26 09:25 - 2023-05-17 15:49 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-25 15:40 - 2023-04-14 17:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 15:39 - 2023-04-14 17:15 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-25 15:36 - 2023-05-16 15:17 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-05-16 15:17 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-25 15:36 - 2023-03-27 03:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-25 15:36 - 2023-03-27 03:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-25 15:34 - 2023-04-14 17:21 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-25 15:34 - 2023-04-14 17:21 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-21 00:22 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-20 16:35 - 2023-03-26 06:43 - 000000000 ____D C:\ProgramData\Packages
2024-02-20 16:34 - 2023-04-14 16:15 - 000000000 ____D C:\Users\jenfr\AppData\Local\PlaceholderTileLogoFolder
2024-02-20 14:40 - 2023-04-17 18:15 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-02-20 12:20 - 2023-04-17 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-02-20 12:10 - 2023-04-18 09:58 - 000000000 ____D C:\Users\Boss\AppData\Local\Packages
2024-02-20 12:07 - 2023-05-12 13:38 - 000000000 ____D C:\Users\Boss\AppData\Local\Malwarebytes
2024-02-20 12:07 - 2023-04-18 09:58 - 000000000 ____D C:\Users\Boss\AppData\Local\D3DSCache
2024-02-20 11:46 - 2023-07-31 12:58 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-20 11:05 - 2024-01-24 16:29 - 000033164 _____ C:\Users\jenfr\AppData\LocalLow\30fe1ad87c7a915f35214d537895d60e85a488378022b8dff9a42476846a224e
2024-02-20 11:01 - 2023-04-17 13:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-20 10:42 - 2023-04-17 13:51 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-18 18:27 - 2023-04-27 12:33 - 000000000 ____D C:\Users\CBT_MKE\AppData\Local\D3DSCache
2024-02-17 11:38 - 2023-03-26 06:42 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-17 05:31 - 2023-04-14 12:41 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-16 12:43 - 2023-04-28 11:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-15 10:42 - 2023-04-14 12:41 - 000235016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys
2024-02-15 10:10 - 2022-05-06 23:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 15:01 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 14:21 - 2023-04-27 16:41 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-14 14:21 - 2023-04-27 16:41 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-14 14:21 - 2023-04-27 12:34 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1003
2024-02-14 14:21 - 2023-04-18 09:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1002
2024-02-14 14:21 - 2023-04-14 16:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-883358396-3808688255-3020804061-1001
2024-02-14 14:20 - 2023-09-26 16:26 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 14:20 - 2023-04-14 17:20 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-02-14 14:20 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 14:20 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 14:20 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 14:20 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-13 21:33 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-13 21:29 - 2023-04-14 17:17 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-13 21:26 - 2023-04-14 16:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-13 21:22 - 2023-04-14 16:18 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-13 18:28 - 2023-05-03 18:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-13 18:28 - 2023-05-03 18:35 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-13 11:26 - 2023-05-02 13:14 - 000000000 ____D C:\Users\CBT_MKE\AppData\Roaming\Microsoft\Excel
2024-02-13 10:32 - 2023-05-11 08:13 - 000000000 ____D C:\Users\CBT_MKE\AppData\Roaming\Microsoft\Word
2024-02-12 09:21 - 2023-04-27 12:33 - 000000000 ____D C:\Users\CBT_MKE\AppData\Local\Packages
2024-02-12 09:18 - 2023-04-14 16:16 - 000000000 ____D C:\Users\jenfr\OneDrive\XPS13\Hx_Joppa
2024-02-11 23:45 - 2023-09-29 10:58 - 000000174 ____R C:\Users\jenfr\OneDrive\XPS13\TECH.url
2024-02-11 20:01 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-09 17:05 - 2023-04-27 12:33 - 000000000 ____D C:\Users\CBT_MKE

==================== Files in the root of some directories ========

2023-07-29 07:02 - 2023-07-29 07:02 - 017190096 _____ (Dell Inc.) C:\Users\jenfr\DellCommandUpdateApp_Setup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by jenfr (26-02-2024 15:16:32)
Running from C:\Users\jenfr\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2023-04-14 23:21:25)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-883358396-3808688255-3020804061-500 - Administrator - Disabled)
Boss (S-1-5-21-883358396-3808688255-3020804061-1002 - Administrator - Enabled) => C:\Users\Boss
CBT_MKE (S-1-5-21-883358396-3808688255-3020804061-1003 - Limited - Enabled) => C:\Users\CBT_MKE
DefaultAccount (S-1-5-21-883358396-3808688255-3020804061-503 - Limited - Disabled)
Guest (S-1-5-21-883358396-3808688255-3020804061-501 - Limited - Disabled)
jenfr (S-1-5-21-883358396-3808688255-3020804061-1001 - Administrator - Enabled) => C:\Users\jenfr
WDAGUtilityAccount (S-1-5-21-883358396-3808688255-3020804061-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DB807453-2A2E-4FFE-9D85-253F41EAF321}) (Version: 7.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{C48F05FB-1568-42F5-BE89-526A26994C6C}) (Version: 1.0.37.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{C0439A0D-8A66-4BD0-A3E0-85C8E2920762}) (Version: 1.0.26.0 - Brother Industries Ltd.) Hidden
ControlCenter4 (HKLM-x32\...\{9CE6D4F3-965F-4FA7-8431-4A4FDC7A01D9}) (Version: 4.6.23.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Dell Command | Update for Windows Universal (HKLM\...\{612F7720-D28A-473F-8FB9-C8D300B5F534}) (Version: 5.1.0 - Dell Inc.)
Dell Display Manager 2.1 (HKLM\...\Dell Display Manager 2) (Version: 2.1.1.17 - Dell Inc.)
DeviceDetect (HKLM-x32\...\{5FE4CE95-1B55-4632-A3F1-851B07936498}) (Version: 1.4.10.0 - Brother Industries Ltd.) Hidden
Documentation Manager (HKLM\...\{BD72B4C5-F19D-4507-97C7-21F67DF098C4}) (Version: 23.10.0.8 - Intel Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000010-0230-1033-84C8-B8D95FA3C8C3}) (Version: 23.10.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
Intel® Integrated Sensor Solution (HKLM-x32\...\{0561b886-1a4e-4be3-bea9-abdd6108b346}) (Version: 3.10.100.4572 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{cd5b4033-2c6b-4241-acf1-1ee873737a03}) (Version: 23.10.0.8 - Intel Corporation) Hidden
ISS_Drivers_x64 (HKLM\...\{82C84C74-0E6B-4C31-848B-A7DE4F087D48}) (Version: 3.10.100.4572 - Intel Corporation) Hidden
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Host - 6.0.14 (x64) (HKLM\...\{40D4EC44-91F8-4EEE-869E-F4B3E90E6688}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.14 (x64) (HKLM\...\{D1726E78-81F3-40A2-A7AF-6286BAA49B1C}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.14 (x64) (HKLM\...\{61202CF9-3B84-4E5A-91A1-2984FAE38259}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.14 (x64) (HKLM-x32\...\{a75f0c38-355e-478f-b573-1dbc42915c5c}) (Version: 6.0.14.32123 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM\...\{C1CD2FC1-92E6-4DE2-89D8-6D309881856F}) (Version: 48.39.47171 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.9 (x64) (HKLM-x32\...\{569b351b-451b-48db-a2c7-7beb63411666}) (Version: 6.0.9.31620 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 123.0 (x64 en-US)) (Version: 123.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
MyDell (HKLM-x32\...\{E131DFE7-2098-409A-B07F-82F2D76BF17B}) (Version: 3.0.358.0 - Dell, Inc.)
MyDell Application Management (HKLM\...\{1B52D862-39DF-4BC3-A86D-7123219EE3AE}) (Version: 1.0.103.1 - Dell Technologies, Inc.) Hidden
MyDell Components Installer (HKLM\...\{FC24D516-8B85-4D36-8E48-0EF4E6968DFB}) (Version: 1.0.212.1 - Dell, Technologies, Inc.) Hidden
MyDell Customer Connect (HKLM\...\{6BBE66E6-0F6C-4C11-B38F-407DA1E4C70D}) (Version: 1.0.220.1 - Dell Technologies, Inc.) Hidden
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
NexiGo version 1.0 (HKLM-x32\...\{36A02147-C92C-458A-8284-E3903A0C4239}_is1) (Version: 1.0 - Nexight Inc)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
PC-FAXReceive (HKLM-x32\...\{65D8385F-F858-4748-A7C2-676D04C2893E}) (Version: 1.8.402.0 - Brother Industries, Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{90338D66-4493-4DC3-A8C7-EB6FD5282B02}) (Version: 3.7.12.1 - Brother Industries Ltd.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9509.1 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 11.12.0223.2023 - Realtek)
RemoteSetup (HKLM-x32\...\{EB4D046E-28C1-4884-9129-47F41317E9B0}) (Version: 3.10.3.0 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{D9584EB4-1D28-4BD1-8F81-6E097C0827EE}) (Version: 1.33.1.0 - Brother Industries, Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Zoom (HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\ZoomUMX) (Version: 5.14.6 (15434) - Zoom Video Communications, Inc.)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-19] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [2024-02-19] (INTEL CORP) [Startup Task]
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_5.1.30.0_x86__htrsf667h5kn2 [2024-02-19] (Dell Inc)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-26] (Microsoft Corporation)
Dolby Vision Extensions -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionAccess_2.20301.388.0_x64__rz1tebttyb220 [2024-02-19] (Dolby Laboratories)
Intel® Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2316.5.0.0_x64__8j3eq9eme6ctt [2024-02-19] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1011.0_x64__8j3eq9eme6ctt [2024-02-19] (INTEL CORP)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-25] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-19] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-12] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-19] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-25] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2402.223.0_x64__8wekyb3d8bbwe [2024-02-19] (Microsoft Corporation) [Startup Task]
Waves MaxxAudio Pro for Dell 2022 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2022_5.0.59.0_x64__fh4rh281wavaa [2023-04-27] (Waves Audio)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{02f99b13-b4a2-e116-29df-b7441da8d960}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.Systray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_d4eabf4492fbb4d5\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.ThickClient.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{989dacff-3a01-6b2c-f623-9ef1597c6141}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{a18c2235-f97e-71dd-b398-1f96bc9af93c}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1003_Classes\CLSID\{04271989-C4D2-430A-A56C-405D9B0F5532} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1003_Classes\CLSID\{989dacff-3a01-6b2c-f623-9ef1597c6141}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1003_Classes\CLSID\{a18c2235-f97e-71dd-b398-1f96bc9af93c}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3fdff41f99f01256\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-02-11 20:02 - 2018-11-12 11:25 - 000091648 _____ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2024-02-11 20:02 - 2018-03-15 17:54 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\CBT_MKE\Downloads\OfficeSetup.exe:MBAM.Zone.Identifier [351]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-06 23:24 - 2022-05-06 23:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-883358396-3808688255-3020804061-1001\Control Panel\Desktop\\Wallpaper -> c:\users\jenfr\onedrive\pictures- pc\space\jwt rho.png
HKU\S-1-5-21-883358396-3808688255-3020804061-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_1.jpg
HKU\S-1-5-21-883358396-3808688255-3020804061-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\CBT_MKE\Desktop\crop7t.png
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDFProHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "I17A"
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\StartupApproved\StartupFolder: => "DDM2.0.lnk"
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D3A6C3E91BD871936DC5E531BD1851E5"
HKU\S-1-5-21-883358396-3808688255-3020804061-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-883358396-3808688255-3020804061-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_840607CA24A5D0C24227941372696879"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A7E1E645-5446-4FBD-A488-34831C2DFEE9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8464D095-14FC-463D-B7D0-596BA6722BF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B21E403-DB38-4885-BA80-C2853CA7046B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{215E8825-E3E0-4D7C-A3FA-7475F9E659FC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D56DB188-5F02-4266-ABFA-A396344709EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E2CC1F9-26E1-45F2-B414-B0E9504314EF}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4B651BEF-61A0-4EBF-B956-1A1BDF5480F6}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{372C52D4-17BB-4BE3-9BE1-DE541C9497FA}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B156AB53-E57A-4B55-A3AE-C34E34FABF42}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E516DA98-0CBC-4991-839E-F29DFB0875ED}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA97DA3A-2993-402E-B827-BF10F595BC16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54838C9E-600A-47CA-9BDB-2E528427CB1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BBFB121A-B14D-4C4C-9AA5-065388CD6648}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{92810F53-08F0-4855-B666-68E5C8A04D8C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B250C32-057B-4080-997E-2773FE7321FE}] => (Allow) LPort=54925
FirewallRules: [{6491FFE7-5AA2-4A9C-9E23-9DAB96D3EF3A}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{5E11CB48-A184-468C-9536-759ECE1F8F8E}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{BDDDF7D6-68C7-4804-A607-B9BD258E8577}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{46B82DF3-0FB8-4B79-B53C-914EA5098903}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{37B93334-221B-485F-B578-2D1327588FDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C27A1F43-1388-4DDA-98D8-905486941535}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5FAC2887-41EA-4524-9363-179380AB23C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6539E46D-CA3C-4223-B36B-B699FD89C4A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5718426A-A614-40EE-8C2C-548611478AE9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

25-02-2024 15:36:15 Installed DirectX

==================== Faulty Device Manager Devices ============

Name: Integrated Webcam
Description: USB Video Device
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (02/26/2024 03:11:35 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a99b22aa15fa509a\OneApp.IGCC.WinService.exe
Message: You must install or update .NET to run this application.

App: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a99b22aa15fa509a\OneApp.IGCC.WinService.exe
Architecture: x64
Framework: 'Microsoft.NETCore.App', version '7.0.0' (x64)
.NET location: C:\Program Files\dotnet\

The following frameworks were found:
6.0.9 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
6.0.14 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]

Learn about framework resolution:
https://aka.ms/dotnet/app-launch-failed

To install missing framework, download:
https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win10-x64

Error: (02/26/2024 03:10:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..

Error: (02/26/2024 03:10:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (02/26/2024 03:06:51 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a99b22aa15fa509a\OneApp.IGCC.WinService.exe
Message: You must install or update .NET to run this application.

App: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a99b22aa15fa509a\OneApp.IGCC.WinService.exe
Architecture: x64
Framework: 'Microsoft.NETCore.App', version '7.0.0' (x64)
.NET location: C:\Program Files\dotnet\

The following frameworks were found:
6.0.9 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
6.0.14 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]

Learn about framework resolution:
https://aka.ms/dotnet/app-launch-failed

To install missing framework, download:
https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win10-x64

Error: (02/26/2024 03:03:42 PM) (Source: USBAppControl) (EventID: 32767) (User: )
Description: Stop Server

Error: (02/26/2024 03:03:41 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Stop Broadcast Receiver Server

Error: (02/26/2024 03:03:41 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: A blocking operation was interrupted by a call to WSACancelBlockingCall

Error: (02/26/2024 03:03:41 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Stop Server

System errors:
=============
Error: (02/26/2024 03:11:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/26/2024 03:11:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the igccservice service to connect.

Error: (02/26/2024 03:06:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/26/2024 03:06:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the igccservice service to connect.

Error: (02/26/2024 12:46:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The igccservice service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/26/2024 12:46:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the igccservice service to connect.

Error: (02/26/2024 10:58:42 AM) (Source: DCOM) (EventID: 10001) (User: XPS15)
Description: Unable to start a DCOM Server: {1FA0E654-C9F2-4A1F-9800-B9A75D744B05} as Unavailable/Unavailable. The error:
"2147958016"
Happened while starting this command:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700}

Error: (02/26/2024 10:58:42 AM) (Source: DCOM) (EventID: 10001) (User: XPS15)
Description: Unable to start a DCOM Server: {1FA0E654-C9F2-4A1F-9800-B9A75D744B04} as Unavailable/Unavailable. The error:
"2147958016"
Happened while starting this command:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700}

Windows Defender:
================
Date: 2024-02-26 15:11:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.B!ml&threatid=2147772967&enterprise=0
Name: Trojan:Script/Phonzy.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\PF4592.pdf; file:_C:\Windows\Temp\PF46EE.pdf; file:_C:\Windows\Temp\PF4891.pdf; file:_C:\Windows\Temp\PFC4A5.pdf; file:_C:\Windows\Temp\PFE427.pdf
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
Security intelligence Version: AV: 1.405.637.0, AS: 1.405.637.0, NIS: 1.405.637.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-26 15:11:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.B!ml&threatid=2147772967&enterprise=0
Name: Trojan:Script/Phonzy.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\PF4592.pdf; file:_C:\Windows\Temp\PF46EE.pdf; file:_C:\Windows\Temp\PF4891.pdf; file:_C:\Windows\Temp\PFE427.pdf
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
Security intelligence Version: AV: 1.405.637.0, AS: 1.405.637.0, NIS: 1.405.637.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-26 15:11:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\PF14F4.pdf; file:_C:\Windows\Temp\PF150D.pdf; file:_C:\Windows\Temp\PF1ADB.pdf; file:_C:\Windows\Temp\PF2771.pdf; file:_C:\Windows\Temp\PF31CC.pdf; file:_C:\Windows\Temp\PF3270.pdf; file:_C:\Windows\Temp\PF3A98.pdf; file:_C:\Windows\Temp\PF3ACF.pdf; file:_C:\Windows\Temp\PF3CD4.pdf; file:_C:\Windows\Temp\PF3D5B.pdf; file:_C:\Windows\Temp\PF3E9.pdf; file:_C:\Windows\Temp\PF3FE4.pdf; file:_C:\Windows\Temp\PF4A2D.pdf; file:_C:\Windows\Temp\PF4AA5.pdf; file:_C:\Windows\Temp\PF4EA8.pdf; file:_C:\Windows\Temp\PF5496.pdf; file:_C:\Windows\Temp\PF6079.pdf; file:_C:\Windows\Temp\PF60C.pdf; file:_C:\Windows\Temp\PF628E.pdf; file:_C:\Windows\Temp\PF68BD.pdf; file:_C:\Windows\Temp\PF6D7C.pdf; file:_C:\Windows\Temp\PF75D1.pdf; file:_C:\Windows\Temp\PF7BB8.pdf; file:_C:\Windows\Temp\PF8.pdf; file:_C:\Windows\Temp\PF890A.pdf; file:_C:\Windows\Temp\PF8A93.pdf; file:_C:\Windows\Temp\PF8B23.pdf; file:_C:\Windows\Temp\PF90FC.pdf; file:_C:\Windows\Temp\PF922B.pdf; file:_C:\Windows\Temp\PF9862.pdf; file:_C:
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
Security intelligence Version: AV: 1.405.637.0, AS: 1.405.637.0, NIS: 1.405.637.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-26 15:11:44
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\PFBE26.pdf; file:_C:\Windows\Temp\PFC03A.pdf
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
Security intelligence Version: AV: 1.405.637.0, AS: 1.405.637.0, NIS: 1.405.637.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-26 15:06:59
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.B!ml&threatid=2147772967&enterprise=0
Name: Trojan:Script/Phonzy.B!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Temp\PF4592.pdf; file:_C:\Windows\Temp\PF46EE.pdf; file:_C:\Windows\Temp\PF4891.pdf; file:_C:\Windows\Temp\PFC4A5.pdf; file:_C:\Windows\Temp\PFE427.pdf
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
Security intelligence Version: AV: 1.405.637.0, AS: 1.405.637.0, NIS: 1.405.637.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]

Date: 2024-02-20 15:16:46
Description:
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Antivirus (offline scan).
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available.

Date: 2024-02-20 15:16:29
Description:
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Antivirus (offline scan).
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available.

Date: 2024-02-20 13:41:08
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2024-02-26 15:14:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_734897ab1d4f1106\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.20.0 12/19/2023
Motherboard: Dell Inc. 0MWGD4
Processor: 12th Gen Intel® Core™ i7-12700H
Percentage of memory in use: 47%
Total physical RAM: 16055.05 MB
Available physical RAM: 8433.29 MB
Total Virtual: 18487.05 MB
Available Virtual: 9348.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.94 GB) (Free:358.22 GB) (Model: NVMe PC801 NVMe SK hynix 512GB) (Protected) NTFS
Drive g: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: NVMe PC801 NVMe SK hynix 512GB)

\\?\Volume{f8a3ebdd-af0e-49a4-97a7-f56a7c13995b}\ (WINRETOOLS) (Fixed) (Total:1.04 GB) (Free:0.27 GB) NTFS
\\?\Volume{5594054d-82f4-4050-8259-bc74bb712a22}\ (Image) (Fixed) (Total:21.11 GB) (Free:0.07 GB) NTFS
\\?\Volume{4189d6ca-e7db-45bb-a195-d68191830a9e}\ (DELLSUPPORT) (Fixed) (Total:1.47 GB) (Free:0.48 GB) NTFS
\\?\Volume{8cb6fe55-0d2f-4116-b3ab-004d38087eac}\ (ESP) (Fixed) (Total:0.23 GB) (Free:0.14 GB) FAT32
\\?\Volume{94f3027f-d4eb-11ee-8d19-f0d415bcb862}\ () () (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Back to top"> Back to top

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 26 February 2024 - 10:08 PM

Greetings and :welcome:

to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:

First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
It is important to not run any tools or take any steps other than those I will provide for you.
Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
Please copy and paste all logs into your post unless otherwise requested.
When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Please allow me some time to review what you have posted.

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#3 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 27 February 2024 - 10:33 AM

Please do this.

===================================================

VirusTotal Online Virus Scanner

--------------------

Please go to VirusTotal
Select Choose file
Individually navigate to the following file(s) and double click on it

C:\Users\jenfr\AppData\LocalLow\48efb6e00dfe354ed4139123e9b35089d2d86424274e14250c30b27cae920926
C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
C:\Users\CBT_MKE\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3

Select Confirm upload
Once completed, highlight the information in the address bar and copy and paste the link(s) in your reply

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST64 will do it for you

Start::
SystemRestore: On
CreateRestorePoint:
Folder: C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory
Powershell: Get-MpThreatDetection
End::

Click Fix
When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

VirusTotal links
Fixlog

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#4 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 27 February 2024 - 11:26 AM

Thank you for your quick response and apologies for the multiple posts! I will work on this now.

Back to top"> Back to top

#5 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 27 February 2024 - 11:57 AM

Virus total links:

https://www.virustotal.com/gui/file/95aae045c5e1e92742d8c4c38d02911bf939846820c57cb183eecb46cd732a4b?nocache=1

https://www.virustotal.com/gui/file/6637c912765f25f8d4d0f0c4b9f102edb1d55f6537839f7652e6b0ed0f8dc8cd?nocache=1

https://www.virustotal.com/gui/file/b8c2063904daab9d016eded4fe4c75d078fe989931de157dead2a991299f3a2f/detection

---

Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by jenfr (27-02-2024 10:51:46) Run:1
Running from C:\Users\jenfr\Downloads
Loaded Profiles: jenfr & Boss & CBT_MKE
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
Folder: C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory
Powershell: Get-MpThreatDetection
End::
*****************

SystemRestore: On => completed
Restore point was successfully created.

========================= Folder: C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory ========================

2024-02-18 11:46 - 2024-02-26 15:11 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [15B9394991615A45B79180EAB8EC21E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D
2024-02-18 14:35 - 2024-02-19 15:03 - 000020064 ____A [22B835438A84A8CF5C4E675ED1A974F9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A
2024-02-26 15:11 - 2024-02-26 15:11 - 000108344 ____A [4FEEDD36D21AB4CE536F5ABB1A15F271] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC
2024-02-18 18:31 - 2024-02-18 18:31 - 000003832 ____A [A260EEBAF5D72806E420A09A746C6096] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C
2024-02-20 11:54 - 2024-02-21 12:28 - 000006784 ____A [08502259B3C190802E278C2C098999AF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D
2024-02-26 15:11 - 2024-02-26 15:11 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01
2024-02-26 15:11 - 2024-02-26 15:11 - 000008256 ____A [063CB81D85616E691C7D16EF5B3EED31] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
2024-02-18 14:32 - 2024-02-20 11:54 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02
2024-02-20 11:54 - 2024-02-21 12:28 - 000108344 ____A [048FD88C3BCFC9A2B42FE1D1DB27BF4A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F
2024-02-18 18:28 - 2024-02-19 18:28 - 000003872 ____A [CA0E5E2BEB774AAF4325E8168931C27F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FA543CCCE2FACB6583411060F087C1FD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0
2024-02-18 12:42 - 2024-02-19 21:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03
2024-02-18 18:30 - 2024-02-18 18:30 - 000002360 ____A [C1A04AE40F1412CB57AE7018A1BA77FC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [4D45C38C578ADBFF98EA9EF77904D912] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0
2024-02-19 21:43 - 2024-02-21 00:22 - 000108344 ____A [60B113A6FFEB781010BD3B504E5470E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6
2024-02-18 12:41 - 2024-02-20 15:25 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04
2024-02-20 13:41 - 2024-02-20 13:41 - 000006744 ____A [84036B229E2BCDB6ED813E020D87CB6A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78
2024-02-18 14:32 - 2024-02-19 15:03 - 000017120 ____A [2C67165C98251DDCFB59EFC773827473] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
2024-02-18 18:30 - 2024-02-19 18:35 - 000005344 ____A [0BD896031FB62F9058AA35E153673C34] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301
2024-02-20 15:25 - 2024-02-25 15:34 - 000108344 ____A [981323C7A3566B450AD950492DEF4D55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0
2024-02-18 18:30 - 2024-02-19 18:35 - 000003872 ____A [66CD84FE85396848DCAB320B50B3DA83] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E
2024-02-18 12:41 - 2024-02-19 13:01 - 000002400 ____A [51E7B98BF88D547737191D134EE6F412] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054
2024-02-18 11:45 - 2024-02-18 18:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [FFA1049B0288079D474E747E813A9B33] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678
2024-02-18 18:28 - 2024-02-19 18:28 - 000002400 ____A [8DE298FCC2E594964133730F48DCEA80] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [6851C9D25CCABBFDE909EC4C37709D4D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [976C9A5BEFD6C1656B04BE8B3D938F2F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
2024-02-18 13:43 - 2024-02-19 14:01 - 000003872 ____A [23F5569DFABC24CB6FD89F9EEF2363E0] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068
2024-02-20 12:44 - 2024-02-26 12:46 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07
2024-02-26 12:46 - 2024-02-26 12:46 - 000008256 ____A [3B502633F119E49D0F5FC0EB382F7D32] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D
2024-02-20 12:44 - 2024-02-21 12:50 - 000006784 ____A [6BAED2F2FA4585FA8E9B4A424D90A5EE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE
2024-02-18 10:39 - 2024-02-19 20:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08
2024-02-19 20:44 - 2024-02-21 00:22 - 000108344 ____A [D844F7B1FB0787B779F36DA407BFBD40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [453714E3D28A0396AEE8BD4EDDC3BEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0
2024-02-18 18:27 - 2024-02-19 18:28 - 000003872 ____A [0C45B546407CC366A537FB2FDAE67741] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57
2024-02-18 14:36 - 2024-02-19 15:03 - 000002400 ____A [42E2644D9207518D2E414F4E0B8F0B74] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [0B70422A4F8D1913457DBD46FCAA6A1F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
2024-02-18 11:37 - 2024-02-20 12:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [CF6478E962D15D92334E2DDBAC357833] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67
2024-02-18 12:41 - 2024-02-19 13:01 - 000012704 ____A [AD4CC2480E00E0887079DAB67A493BFC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409
2024-02-18 11:37 - 2024-02-19 12:01 - 000002400 ____A [8A6F552706C3BE7915A1755147892466] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0
2024-02-18 18:30 - 2024-02-19 18:35 - 000002400 ____A [7AE7DFC3999875BBD39788280A1481A2] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5
2024-02-20 12:44 - 2024-02-20 12:44 - 000003800 ____A [F3940BF3B6C15780ED742B3527ECCC55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF
2024-02-18 13:43 - 2024-02-20 15:25 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [A52DD030E0DB7417A0E95BA0807119CA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D
2024-02-18 13:45 - 2024-02-19 14:01 - 000002400 ____A [A6365CF0712028409751AD1ECF57D472] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1
2024-02-20 15:25 - 2024-02-25 15:34 - 000008256 ____A [1C076998EE7FAA221D665B6DC76E8AE6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
2024-02-18 13:43 - 2024-02-19 14:01 - 000002400 ____A [F57D163C3F4912385FE8F204F53995DA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3
2024-02-19 20:24 - 2024-02-21 00:22 - 000006784 ____A [32A27DFAD9CAA9F1355CBB902E1DD1D5] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156
2024-02-18 12:42 - 2024-02-18 12:42 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [92EB3B6CFFDD76E2FD5F0E3A237B7BAA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11
2024-02-18 12:42 - 2024-02-18 14:35 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [8265840D88E21A5494BF0E5EFBD8965E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [B1A049750A7A7D40765F30791BE16FF7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058
2024-02-18 12:41 - 2024-02-20 13:41 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14
2024-02-18 12:41 - 2024-02-19 13:01 - 000003872 ____A [1998B18AF0E550DFBDE4F5289CA8B1B6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F
2024-02-20 13:41 - 2024-02-20 13:41 - 000108304 ____A [7DC9DF306A776E0362D023AB251D7DE1] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A
2024-02-18 18:31 - 2024-02-19 18:35 - 000015648 ____A [6BA6C0B7AEC29A47CC0DB79684051B5D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [C07C97983D157EB7D5E481C1805516CD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3
2024-02-18 12:42 - 2024-02-19 21:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15
2024-02-19 20:44 - 2024-02-21 00:22 - 000006784 ____A [89E0055D624C5ADEEEED090F40FFFDA7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD
2024-02-18 14:33 - 2024-02-19 15:03 - 000002400 ____A [2B381BB210A72DCBF7560C678FE484DE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C
2024-02-18 14:35 - 2024-02-18 14:35 - 000002360 ____A [73E8FF15A4E70BC69B9501EFC6A9D9B3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876
2024-02-19 21:43 - 2024-02-21 00:22 - 000006784 ____A [67817122AEE55DA12E5D0474F4067D98] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7
2024-02-18 12:42 - 2024-02-19 13:01 - 000006808 ____A [AF45144D52BD01545E22B92321C33400] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93
2024-02-18 12:45 - 2024-02-19 13:01 - 000002400 ____A [46B2ADE443C83EDFFBD07043074B7E9F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [B2A62B6EDDC3D5BE35F977589036568E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
2024-02-18 18:27 - 2024-02-19 18:27 - 000006816 ____A [5775456E6F90EC701BB60061E52FC96F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E
2024-02-19 18:59 - 2024-02-21 00:22 - 000006784 ____A [D54055932DD0B7469D128ECF832D618F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5
2024-02-18 14:35 - 2024-02-26 12:46 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16
2024-02-18 14:35 - 2024-02-19 15:03 - 000003872 ____A [96FFF397248C271813A1405031419D15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83
2024-02-26 12:46 - 2024-02-26 12:46 - 000108344 ____A [9C5472C783906413CFBC27A4E67DA28B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF
2024-02-20 14:40 - 2024-02-25 15:34 - 000108344 ____A [D7FFADFC32E29AC3FB16924D1C77092E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E
2024-02-20 15:15 - 2024-02-25 15:34 - 000008256 ____A [EBB0275C56F534FE4931A36232B5ACFF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E
2024-02-19 18:59 - 2024-02-21 00:22 - 000103928 ____A [2E99357DCD32CFE90F98E137B076EE2B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0
2024-02-18 11:46 - 2024-02-20 12:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17
2024-02-19 20:24 - 2024-02-19 20:24 - 000003800 ____A [F3D99D4AE6853F7F33BBB3CFDB07C8AC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
2024-02-20 11:01 - 2024-02-21 11:27 - 000006784 ____A [72199776A4F59DFDB0062F91DB447A15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D
2024-02-20 12:44 - 2024-02-21 12:50 - 000108344 ____A [531CCF03F528A4CE42BF63CC3400E079] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [3480DEC19723B84BD622C1EEE367C70F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8
2024-02-18 10:39 - 2024-02-18 10:39 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [9D6925F8E61A6E4E60EC9C86DBB69A38] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1
2024-02-18 14:32 - 2024-02-26 15:06 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19
2024-02-20 14:40 - 2024-02-25 15:34 - 000008256 ____A [7C679B28B15E670561D6970FAA8CD86A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0
2024-02-20 15:15 - 2024-02-25 15:34 - 000108344 ____A [2F7BF224F5796BAE669E722FEE0AB997] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FB62C2E18DDC48940E548BA713632546] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D
2024-02-20 18:18 - 2024-02-25 15:34 - 000108344 ____A [66580B8CAA0C51AE2DC1D988D48FD257] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
2024-02-20 11:01 - 2024-02-21 11:27 - 000108344 ____A [BD25A91D7FFDDEBBA55C6DA804E24B40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159
2024-02-20 18:18 - 2024-02-25 15:34 - 000008256 ____A [D53B165E8894CB61CBA047EEF5CDF9CE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129
2024-02-26 15:06 - 2024-02-26 15:07 - 000108344 ____A [6AB6BA9D57F064DC77295EDCCC32D714] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666
2024-02-19 20:24 - 2024-02-21 00:22 - 000033272 ____A [DA6AF6C37C6A776C7EBF39B01FC8C379] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881
2024-02-18 12:42 - 2024-02-26 15:06 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [0203AEDBDD04BD84FE07547B73F8F423] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE
2024-02-26 15:06 - 2024-02-26 15:07 - 000008256 ____A [9A3233C9D3B60DAC3ABFCFD2169A8C94] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91
2024-02-18 18:27 - 2024-02-18 18:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21
2024-02-18 18:27 - 2024-02-19 18:28 - 000020064 ____A [3F525326577E21C49A0DCD6A944BEEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD
2024-02-18 18:31 - 2024-02-18 18:31 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22
2024-02-18 18:31 - 2024-02-19 18:35 - 000002400 ____A [F31331887FC8EAF3E434FA751A895EE4] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF

====== End of Folder: ======

========= Get-MpThreatDetection =========

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:44 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:50 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:50 PM
Resources                      : {file:_C:\Windows\Temp\PF600A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2167A3E2-7832-4393-8E58-8BBD7117C1AD}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:59 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:30 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:30 PM
Resources                      : {file:_C:\Windows\Temp\PF1444.pdf, file:_C:\Windows\Temp\PF18F8.pdf,
                                 file:_C:\Windows\Temp\PF1E.pdf, file:_C:\Windows\Temp\PF1E58.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B92B57DE-3842-49BE-AF23-9B485896F7CE}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:17 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:24 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:24 PM
Resources                      : {file:_C:\Windows\Temp\PF72E2.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {F2EFD63E-0253-4A44-891B-BC4C4DBD5F91}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 3:07:00 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:07:00 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0322EDA7-BED4-4CAB-99FF-C087720AC7B0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 2:40:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 2:40:18 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {06A990B0-C3E9-439E-A614-6ABC13659C44}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 3:15:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:15:32 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2E73BCE7-2246-437E-850D-1B2AE165926D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:29 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:38 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:38 PM
Resources                      : {file:_C:\Windows\Temp\PF5705.pdf, file:_C:\Windows\Temp\PF5E6A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 6:18:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 6:18:22 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {64272F82-0873-4C8F-8F18-428573E6A159}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 11:01:56 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:01:56 AM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8E43E3BD-1094-48FD-90DC-D0DD191B1129}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 6:18:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 6:18:22 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {C0403A41-F87E-4E1C-A77E-591739EF7666}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 3:07:00 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:07:00 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FD9D98E3-70EE-4AB1-84B0-0F1030B4E881}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/19/2024 8:24:16 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:24:16 PM
Resources                      : {file:_C:\Windows\Temp\PF150D.pdf, file:_C:\Windows\Temp\PF3E9.pdf,
                                 file:_C:\Windows\Temp\PF6079.pdf, file:_C:\Windows\Temp\PF60C.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {72E37C91-50A7-4ABC-A6E9-824A7307D7E1}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 10:39:20 AM
LastThreatStatusChangeTime     : 2/18/2024 10:39:26 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 10:39:26 AM
Resources                      : {file:_C:\Windows\Temp\PFC56D.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {19D774AC-2CCD-4949-907B-9E5990151EF9}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2346C56E-6591-4B54-A2CD-14BF6A10E72D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 11:01:56 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:01:56 AM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {44E8F266-EB5E-42C6-AC2C-981EBCF9443E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 12:44:38 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 12:44:38 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {E195CA70-2BA8-4D48-8500-0920CF5BB1D8}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:46:02 AM
LastThreatStatusChangeTime     : 2/18/2024 11:46:09 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:46:09 AM
Resources                      : {file:_C:\Windows\Temp\PFD939.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {5635FAE5-C201-4EDC-9E45-9A2934D53C83}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:41 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:49 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:49 PM
Resources                      : {file:_C:\Windows\Temp\PF3D5B.pdf, file:_C:\Windows\Temp\PF4A2D.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {61C556E3-16B7-4C54-89B5-22CBB7BC08DF}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 12:46:27 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 12:46:27 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A3A14702-6785-49B2-88F1-6D48A28C4C6E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 2:40:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 2:40:18 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 3:15:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:15:32 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {DC649A37-7729-4D0B-B11C-E6C37634E0D0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/19/2024 6:59:19 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 6:59:19 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {10AA97DE-D619-4CB4-98D0-B897482DF9BD}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 8:44:47 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:44:47 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {218E2A9C-ADF8-44DB-8B85-2072C5764C2C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:33:04 PM
LastThreatStatusChangeTime     : 2/18/2024 2:33:10 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:33:10 PM
Resources                      : {file:_C:\Windows\Temp\PFDFAD.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {22D796C3-75E5-4F00-BD5F-DC6540448876}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:48 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF6079.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 9:43:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 9:43:20 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7C3C7A6C-784F-41E7-B46F-9331478F9B93}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:49 PM
LastThreatStatusChangeTime     : 2/18/2024 12:43:09 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:43:09 PM
Resources                      : {file:_C:\Windows\Temp\PF150D.pdf, file:_C:\Windows\Temp\PF8.pdf,
                                 file:_C:\Windows\Temp\PFD1B.pdf, file:_C:\Windows\Temp\PFF007.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A0FFFFBB-08A0-45A0-BF89-20D294CF146C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:45:04 PM
LastThreatStatusChangeTime     : 2/18/2024 12:45:11 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:45:11 PM
Resources                      : {file:_C:\Windows\Temp\PFF94F.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A2321AAA-3188-4B28-82EC-DA6D402D0C8F}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:11 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:17 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:17 PM
Resources                      : {file:_C:\Windows\Temp\PFCD6A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B8B4A18A-97C2-4569-A2B0-86F63A842C0E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:43 PM
LastThreatStatusChangeTime     : 2/18/2024 6:27:57 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:27:57 PM
Resources                      : {file:_C:\Windows\Temp\PFB26A.pdf, file:_C:\Windows\Temp\PFBBA3.pdf,
                                 file:_C:\Windows\Temp\PFC057.pdf, file:_C:\Windows\Temp\PFCE44.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {F087D243-A092-4A7E-AB7C-1CD84A1BD6A5}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 6:59:19 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 6:59:19 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {240CC862-0440-4CFF-931F-F02827E0C52F}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:31 PM
LastThreatStatusChangeTime     : 2/18/2024 12:41:41 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:41:41 PM
Resources                      : {file:_C:\Windows\Temp\PFBA24.pdf, file:_C:\Windows\Temp\PFC7A3.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7BA422C8-245F-457B-8626-6D68E698C36A}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 1:41:15 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {889D6D11-9284-4478-A34A-C010115B8435}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:07 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:28 PM
Resources                      : {file:_C:\Windows\Temp\PF3E9.pdf, file:_C:\Windows\Temp\PF60C.pdf,
                                 file:_C:\Windows\Temp\PFCF4F.pdf, file:_C:\Windows\Temp\PFD461.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {E07D5B87-2450-492C-8798-9074698DE7E3}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:45 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:51 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:51 PM
Resources                      : {file:_C:\Windows\Temp\PF945A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:58 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:04 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:04 PM
Resources                      : {file:_C:\Windows\Temp\PF8679.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:48 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:55 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:55 PM
Resources                      : {file:_C:\Windows\Temp\PFED76.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {28AA50B2-ACD0-4103-BD6C-F5343B9C7F11}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:07 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:14 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:14 PM
Resources                      : {file:_C:\Windows\Temp\PF4A13.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {09B158F2-543A-4D06-89C6-E98060E3186D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:11 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:18 PM
Resources                      : {file:_C:\Windows\Temp\PFCFEC.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {17013DD6-AC6A-47B5-86CF-AD8679A92BF1}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:45:13 PM
LastThreatStatusChangeTime     : 2/18/2024 1:45:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:45:20 PM
Resources                      : {file:_C:\Windows\Temp\PFBA1.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {63971D81-CD75-467D-BCB9-3CFB46E496D7}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 3:25:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:25:32 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8D85791B-1198-419A-8CDB-0A99006E28B3}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:43:16 PM
LastThreatStatusChangeTime     : 2/18/2024 1:43:23 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:43:23 PM
Resources                      : {file:_C:\Windows\Temp\PF4824.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 8:24:16 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:24:16 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0C5404B8-ECF9-4EE5-AA85-23E16586EF67}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:56 PM
LastThreatStatusChangeTime     : 2/18/2024 12:43:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:43:03 PM
Resources                      : {file:_C:\Windows\Temp\PFA8A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7B6A300C-28F7-4859-848C-576A0DACE409}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:55 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:26 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:26 PM
Resources                      : {file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf,
                                 file:_C:\Windows\Temp\PF3270.pdf, file:_C:\Windows\Temp\PF3ACF.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7BF94CE5-3856-4162-83B0-72BE27DD84B0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:37:17 AM
LastThreatStatusChangeTime     : 2/18/2024 11:37:24 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:37:24 AM
Resources                      : {file:_C:\Windows\Temp\PFD938.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7DD7E251-4FE1-4F92-B3B4-4CAC022747E5}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:26 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:30:32 PM
Resources                      : {file:_C:\Windows\Temp\PF2F3A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {27984321-6B4F-4DA7-8437-B0430BD41E8B}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/19/2024 8:44:47 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:44:47 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8923FF7B-4878-4DE5-9C49-81AC372CB1D0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:00 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:07 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:07 PM
Resources                      : {file:_C:\Windows\Temp\PF2FDF.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AF846D2E-B6BA-4208-BBFB-B92A99532A57}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:57 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:06 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:06 PM
Resources                      : {file:_C:\Windows\Temp\PFEA0E.pdf, file:_C:\Windows\Temp\PFF5BB.pdf}
ThreatID                       : 2147763059
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {CA02B8B5-4532-42E1-9122-95FEA8F22FCA}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:36:35 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:41 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:41 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {CA9A60EA-E034-4801-83AE-5777B092DD48}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 10:39:21 AM
LastThreatStatusChangeTime     : 2/18/2024 10:39:28 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 10:39:28 AM
Resources                      : {file:_C:\Windows\Temp\PFCFAF.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0168BA18-4D4E-4ACB-8832-8D9F2421696D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 12:46:27 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 12:46:27 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {787BE465-1E5A-4932-8F2F-4BECE50C08EE}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 12:44:39 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 12:44:39 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2095979F-C188-465C-85A4-A2EEF414E678}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:22 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:28 PM
Resources                      : {file:_C:\Windows\Temp\PF3CD4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {705DC510-FB9A-4E19-B99D-9FF106042EB9}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:28:01 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:08 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:08 PM
Resources                      : {file:_C:\Windows\Temp\PFFBF6.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {9F50E5F3-1487-47D3-A7E7-85382DE8186B}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:45:45 AM
LastThreatStatusChangeTime     : 2/18/2024 11:45:52 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:45:52 AM
Resources                      : {file:_C:\Windows\Temp\PF9BCD.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AB03C979-2A02-4F10-8A68-2F48C96B6A34}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:45:44 AM
LastThreatStatusChangeTime     : 2/18/2024 11:45:50 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:45:50 AM
Resources                      : {file:_C:\Windows\Temp\PF8B23.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {DA396ED2-0710-473C-AC20-677450AC5068}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:43:14 PM
LastThreatStatusChangeTime     : 2/18/2024 1:43:26 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:43:26 PM
Resources                      : {file:_C:\Windows\Temp\PF3FE4.pdf, file:_C:\Windows\Temp\PF4AA5.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {4E4472EB-4AD0-44F3-9C34-DCC3085B9B78}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 1:41:15 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {619EA068-3DC1-45DF-928E-292C176A15A9}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:43 PM
LastThreatStatusChangeTime     : 2/18/2024 2:33:13 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:33:13 PM
Resources                      : {file:_C:\Windows\Temp\PF8A93.pdf, file:_C:\Windows\Temp\PF9862.pdf,
                                 file:_C:\Windows\Temp\PFAB9E.pdf, file:_C:\Windows\Temp\PFB0B0.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {661E4FD9-CBCD-4FA8-8CE6-7BBF74625301}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:53 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:04 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:04 PM
Resources                      : {file:_C:\Windows\Temp\PF922B.pdf, file:_C:\Windows\Temp\PFA5D5.pdf,
                                 file:_C:\Windows\Temp\PFA8C4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {66734316-77A6-4701-A87C-2B2647A6E2A0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 3:25:31 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:25:31 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A0D34A26-D7D7-4614-B286-536E502DAF8E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:26 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:36 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:30:36 PM
Resources                      : {file:_C:\Windows\Temp\PF31CC.pdf, file:_C:\Windows\Temp\PF3A98.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {D1A19F8E-AAAD-4A4A-95B6-3105F3E14054}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:33 PM
LastThreatStatusChangeTime     : 2/18/2024 12:41:39 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:41:39 PM
Resources                      : {file:_C:\Windows\Temp\PFC4A5.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {48AE6C47-8D2A-4974-BC51-91C80A2A07D7}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF46EE.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {55F9DC82-F73C-413C-8DC5-386D98D6A8D0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:29 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:35 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:35 PM
Resources                      : {file:_C:\Windows\Temp\PF98FB.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FE41773B-4573-43B8-B51F-13AE05A460D6}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/19/2024 9:43:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 9:43:20 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0FFD7B17-8F57-4205-BE70-83CB6513970F}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 11:54:46 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:54:46 AM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {612B4987-A487-4629-91F2-87044198CA30}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:28:21 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:28 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF4891.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8BC127E9-820D-4324-8515-A7CFC9BB75E0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:40 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:50 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:50 PM
Resources                      : {file:_C:\Windows\Temp\PF7FC2.pdf, file:_C:\Windows\Temp\PF8E3D.pdf}
ThreatID                       : 2147763059
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {585465EC-D86C-4C2D-9726-79160A2B9983}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 3:11:46 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:11:46 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0F2469C8-A0F7-4113-B2D5-54AC8327F83D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:46:03 AM
LastThreatStatusChangeTime     : 2/18/2024 11:46:11 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:46:11 AM
Resources                      : {file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {3FB1222C-D66A-462B-9C79-BFDA7205F09A}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:49 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:22 PM
Resources                      : {file:_C:\Windows\Temp\PF628E.pdf, file:_C:\Windows\Temp\PF6D7C.pdf,
                                 file:_C:\Windows\Temp\PF7BB8.pdf, file:_C:\Windows\Temp\PF890A.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {81CEF074-05C0-4C02-B743-39D01F6E5CBC}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 3:11:45 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:11:45 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {88848C46-D049-4F06-9F56-3139CCAD3E5C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:02 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 1
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.23110.3
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 11:54:47 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:54:47 AM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

========= End of Powershell: =========

==== End of Fixlog 10:51:57 ====

Back to top"> Back to top

#6 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 27 February 2024 - 10:12 PM

Thank you for all the information.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST64 will do it for you

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
Task: {C77AB6C0-B0CC-48DB-9307-AAD139861E27} - System32\Tasks\MyDell.Updater => %ProgramFiles%\Dell\MyDell\Updater\MyDell.Updater.exe  (No File) 
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{02f99b13-b4a2-e116-29df-b7441da8d960}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.Systray.exe" -ToastActivated => No File 
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.ThickClient.exe" -ToastActivated => No File 
FirewallRules: [{4B651BEF-61A0-4EBF-B956-1A1BDF5480F6}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{372C52D4-17BB-4BE3-9BE1-DE541C9497FA}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File 
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
Task: {C77AB6C0-B0CC-48DB-9307-AAD139861E27} - System32\Tasks\MyDell.Updater => %ProgramFiles%\Dell\MyDell\Updater\MyDell.Updater.exe  (No File) 
2024-02-11 20:07 - 2024-02-11 20:07 - 000000000 ____D C:\ProgramData\zeon
2024-02-11 20:07 - 2024-02-20 11:50 - 000000000 ____D C:\ProgramData\Nuance
2024-02-11 20:07 - 2024-02-20 11:48 - 000000000 ____D C:\ProgramData\ScanSoft
2024-02-11 20:07 - 2024-02-11 20:31 - 000000000 ____D C:\Users\jenfr\AppData\Local\Nuance
C:\Program Files (x86)\Nuance
C:\Windows\Temp
2024-02-20 13:24 - 2024-02-20 13:24 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\48efb6e00dfe354ed4139123e9b35089d2d86424274e14250c30b27cae920926
2024-02-20 13:24 - 2024-02-20 13:24 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0
2024-02-20 12:00 - 2024-02-20 12:43 - 000025438 _____ C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 12:00 - 2024-02-20 12:00 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b
2024-02-20 11:58 - 2024-02-20 11:58 - 000144867 _____ C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-20 11:58 - 2024-02-20 11:58 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-20 11:57 - 2024-02-20 11:57 - 000011196 _____ C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847
2024-02-20 11:57 - 2024-02-20 11:57 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e
2024-02-20 11:03 - 2024-02-20 11:05 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676
2024-02-20 11:03 - 2024-02-20 11:03 - 000026462 _____ C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9
2024-02-19 12:33 - 2024-02-26 14:47 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-19 12:33 - 2024-02-26 13:23 - 000031209 _____ C:\Users\jenfr\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-01 14:25 - 2024-02-09 17:07 - 000000128 _____ C:\Users\CBT_MKE\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-01 14:25 - 2024-02-09 17:04 - 000023390 _____ C:\Users\CBT_MKE\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-01 11:46 - 2024-02-01 11:46 - 000002260 _____ C:\Users\CBT_MKE\AppData\LocalLow\e7cc40f51e4c3980d50372beb28d8d931dd6df11132245b06d72bea14a9bee18
2024-01-27 11:14 - 2024-01-27 11:14 - 000002260 _____ C:\Users\jenfr\AppData\LocalLow\126014fef63f2dff36f1fc26cfb7c085ebf4ea9543a703cfe75d5e45d8607cb2
2024-02-26 15:12 - 2024-01-24 16:27 - 000025438 _____ C:\Users\jenfr\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-26 15:11 - 2024-01-24 16:37 - 000016781 _____ C:\Users\CBT_MKE\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 11:05 - 2024-01-24 16:29 - 000033164 _____ C:\Users\jenfr\AppData\LocalLow\30fe1ad87c7a915f35214d537895d60e85a488378022b8dff9a42476846a224e
2024-02-20 13:24 - 2024-02-20 13:24 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0
2024-02-20 12:00 - 2024-02-20 12:43 - 000025438 _____ C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 12:00 - 2024-02-20 12:00 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b
2024-02-20 11:58 - 2024-02-20 11:58 - 000144867 _____ C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-20 11:58 - 2024-02-20 11:58 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-20 11:57 - 2024-02-20 11:57 - 000011196 _____ C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847
2024-02-20 11:57 - 2024-02-20 11:57 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e
2024-02-20 11:03 - 2024-02-20 11:05 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676
2024-02-20 11:03 - 2024-02-20 11:03 - 000026462 _____ C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9
Powershell: Set-MpPreference -EnableControlledFolderAccess Disabled
Powershell: Set-MpPreference -DisableRealtimeMonitoring $true
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db"
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [15B9394991615A45B79180EAB8EC21E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D
2024-02-18 14:35 - 2024-02-19 15:03 - 000020064 ____A [22B835438A84A8CF5C4E675ED1A974F9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A
2024-02-26 15:11 - 2024-02-26 15:11 - 000108344 ____A [4FEEDD36D21AB4CE536F5ABB1A15F271] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC
2024-02-18 18:31 - 2024-02-18 18:31 - 000003832 ____A [A260EEBAF5D72806E420A09A746C6096] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C
2024-02-20 11:54 - 2024-02-21 12:28 - 000006784 ____A [08502259B3C190802E278C2C098999AF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D
2024-02-26 15:11 - 2024-02-26 15:11 - 000008256 ____A [063CB81D85616E691C7D16EF5B3EED31] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
2024-02-20 11:54 - 2024-02-21 12:28 - 000108344 ____A [048FD88C3BCFC9A2B42FE1D1DB27BF4A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F
2024-02-18 18:28 - 2024-02-19 18:28 - 000003872 ____A [CA0E5E2BEB774AAF4325E8168931C27F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FA543CCCE2FACB6583411060F087C1FD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0
2024-02-18 18:30 - 2024-02-18 18:30 - 000002360 ____A [C1A04AE40F1412CB57AE7018A1BA77FC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [4D45C38C578ADBFF98EA9EF77904D912] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0
2024-02-19 21:43 - 2024-02-21 00:22 - 000108344 ____A [60B113A6FFEB781010BD3B504E5470E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6
2024-02-20 13:41 - 2024-02-20 13:41 - 000006744 ____A [84036B229E2BCDB6ED813E020D87CB6A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78
2024-02-18 14:32 - 2024-02-19 15:03 - 000017120 ____A [2C67165C98251DDCFB59EFC773827473] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
2024-02-18 18:30 - 2024-02-19 18:35 - 000005344 ____A [0BD896031FB62F9058AA35E153673C34] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301
2024-02-20 15:25 - 2024-02-25 15:34 - 000108344 ____A [981323C7A3566B450AD950492DEF4D55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0
2024-02-18 18:30 - 2024-02-19 18:35 - 000003872 ____A [66CD84FE85396848DCAB320B50B3DA83] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E
2024-02-18 12:41 - 2024-02-19 13:01 - 000002400 ____A [51E7B98BF88D547737191D134EE6F412] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [FFA1049B0288079D474E747E813A9B33] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678
2024-02-18 18:28 - 2024-02-19 18:28 - 000002400 ____A [8DE298FCC2E594964133730F48DCEA80] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [6851C9D25CCABBFDE909EC4C37709D4D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [976C9A5BEFD6C1656B04BE8B3D938F2F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
2024-02-18 13:43 - 2024-02-19 14:01 - 000003872 ____A [23F5569DFABC24CB6FD89F9EEF2363E0] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068
2024-02-26 12:46 - 2024-02-26 12:46 - 000008256 ____A [3B502633F119E49D0F5FC0EB382F7D32] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D
2024-02-20 12:44 - 2024-02-21 12:50 - 000006784 ____A [6BAED2F2FA4585FA8E9B4A424D90A5EE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE
2024-02-19 20:44 - 2024-02-21 00:22 - 000108344 ____A [D844F7B1FB0787B779F36DA407BFBD40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [453714E3D28A0396AEE8BD4EDDC3BEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0
2024-02-18 18:27 - 2024-02-19 18:28 - 000003872 ____A [0C45B546407CC366A537FB2FDAE67741] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57
2024-02-18 14:36 - 2024-02-19 15:03 - 000002400 ____A [42E2644D9207518D2E414F4E0B8F0B74] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [0B70422A4F8D1913457DBD46FCAA6A1F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [CF6478E962D15D92334E2DDBAC357833] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67
2024-02-18 12:41 - 2024-02-19 13:01 - 000012704 ____A [AD4CC2480E00E0887079DAB67A493BFC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409
2024-02-18 11:37 - 2024-02-19 12:01 - 000002400 ____A [8A6F552706C3BE7915A1755147892466] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0
2024-02-18 18:30 - 2024-02-19 18:35 - 000002400 ____A [7AE7DFC3999875BBD39788280A1481A2] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5
2024-02-20 12:44 - 2024-02-20 12:44 - 000003800 ____A [F3940BF3B6C15780ED742B3527ECCC55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [A52DD030E0DB7417A0E95BA0807119CA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D
2024-02-18 13:45 - 2024-02-19 14:01 - 000002400 ____A [A6365CF0712028409751AD1ECF57D472] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1
2024-02-20 15:25 - 2024-02-25 15:34 - 000008256 ____A [1C076998EE7FAA221D665B6DC76E8AE6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
2024-02-18 13:43 - 2024-02-19 14:01 - 000002400 ____A [F57D163C3F4912385FE8F204F53995DA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3
2024-02-19 20:24 - 2024-02-21 00:22 - 000006784 ____A [32A27DFAD9CAA9F1355CBB902E1DD1D5] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [92EB3B6CFFDD76E2FD5F0E3A237B7BAA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [8265840D88E21A5494BF0E5EFBD8965E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [B1A049750A7A7D40765F30791BE16FF7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058
2024-02-18 12:41 - 2024-02-19 13:01 - 000003872 ____A [1998B18AF0E550DFBDE4F5289CA8B1B6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F
2024-02-20 13:41 - 2024-02-20 13:41 - 000108304 ____A [7DC9DF306A776E0362D023AB251D7DE1] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A
2024-02-18 18:31 - 2024-02-19 18:35 - 000015648 ____A [6BA6C0B7AEC29A47CC0DB79684051B5D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [C07C97983D157EB7D5E481C1805516CD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3
2024-02-19 20:44 - 2024-02-21 00:22 - 000006784 ____A [89E0055D624C5ADEEEED090F40FFFDA7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD
2024-02-18 14:33 - 2024-02-19 15:03 - 000002400 ____A [2B381BB210A72DCBF7560C678FE484DE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C
2024-02-18 14:35 - 2024-02-18 14:35 - 000002360 ____A [73E8FF15A4E70BC69B9501EFC6A9D9B3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876
2024-02-19 21:43 - 2024-02-21 00:22 - 000006784 ____A [67817122AEE55DA12E5D0474F4067D98] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7
2024-02-18 12:42 - 2024-02-19 13:01 - 000006808 ____A [AF45144D52BD01545E22B92321C33400] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93
2024-02-18 12:45 - 2024-02-19 13:01 - 000002400 ____A [46B2ADE443C83EDFFBD07043074B7E9F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [B2A62B6EDDC3D5BE35F977589036568E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
2024-02-18 18:27 - 2024-02-19 18:27 - 000006816 ____A [5775456E6F90EC701BB60061E52FC96F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E
2024-02-19 18:59 - 2024-02-21 00:22 - 000006784 ____A [D54055932DD0B7469D128ECF832D618F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5
2024-02-18 14:35 - 2024-02-19 15:03 - 000003872 ____A [96FFF397248C271813A1405031419D15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83
2024-02-26 12:46 - 2024-02-26 12:46 - 000108344 ____A [9C5472C783906413CFBC27A4E67DA28B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF
2024-02-20 14:40 - 2024-02-25 15:34 - 000108344 ____A [D7FFADFC32E29AC3FB16924D1C77092E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E
2024-02-20 15:15 - 2024-02-25 15:34 - 000008256 ____A [EBB0275C56F534FE4931A36232B5ACFF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E
2024-02-19 18:59 - 2024-02-21 00:22 - 000103928 ____A [2E99357DCD32CFE90F98E137B076EE2B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0
2024-02-19 20:24 - 2024-02-19 20:24 - 000003800 ____A [F3D99D4AE6853F7F33BBB3CFDB07C8AC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
2024-02-20 11:01 - 2024-02-21 11:27 - 000006784 ____A [72199776A4F59DFDB0062F91DB447A15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D
2024-02-20 12:44 - 2024-02-21 12:50 - 000108344 ____A [531CCF03F528A4CE42BF63CC3400E079] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [3480DEC19723B84BD622C1EEE367C70F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [9D6925F8E61A6E4E60EC9C86DBB69A38] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1
2024-02-20 14:40 - 2024-02-25 15:34 - 000008256 ____A [7C679B28B15E670561D6970FAA8CD86A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0
2024-02-20 15:15 - 2024-02-25 15:34 - 000108344 ____A [2F7BF224F5796BAE669E722FEE0AB997] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FB62C2E18DDC48940E548BA713632546] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D
2024-02-20 18:18 - 2024-02-25 15:34 - 000108344 ____A [66580B8CAA0C51AE2DC1D988D48FD257] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
2024-02-20 11:01 - 2024-02-21 11:27 - 000108344 ____A [BD25A91D7FFDDEBBA55C6DA804E24B40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159
2024-02-20 18:18 - 2024-02-25 15:34 - 000008256 ____A [D53B165E8894CB61CBA047EEF5CDF9CE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129
2024-02-26 15:06 - 2024-02-26 15:07 - 000108344 ____A [6AB6BA9D57F064DC77295EDCCC32D714] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666
2024-02-19 20:24 - 2024-02-21 00:22 - 000033272 ____A [DA6AF6C37C6A776C7EBF39B01FC8C379] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [0203AEDBDD04BD84FE07547B73F8F423] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE
2024-02-26 15:06 - 2024-02-26 15:07 - 000008256 ____A [9A3233C9D3B60DAC3ABFCFD2169A8C94] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91
2024-02-18 18:27 - 2024-02-19 18:28 - 000020064 ____A [3F525326577E21C49A0DCD6A944BEEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD
2024-02-18 18:31 - 2024-02-19 18:35 - 000002400 ____A [F31331887FC8EAF3E434FA751A895EE4] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF
Powershell: Set-MpPreference -EnableControlledFolderAccess Enabled
Powershell: Set-MpPreference -DisableRealtimeMonitoring $false
Powershell: Get-MpThreatDetection
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
Emptytemp:
End::

Click Fix
When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
Note: The Emptytemp: command will remove cookies and may result in some websites (like banking) indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
Upon reboot check for Windows Defender detections

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog
Windows Defender detections?

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#7 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 28 February 2024 - 10:41 AM

Of note: Before I ran the above fix I noticed that Defender was no longer reporting 'Active Threats'. It says last quick scan was 6:19pm on 2/27.

I went ahead and ran the new Fixlog and Defender remains clear.

I am getting a message to divide the post into 2 smaller ones.

------

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by jenfr (28-02-2024 09:13:46) Run:2
Running from C:\Users\jenfr\Downloads
Loaded Profiles: jenfr & Boss & CBT_MKE
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C77AB6C0-B0CC-48DB-9307-AAD139861E27} - System32\Tasks\MyDell.Updater => %ProgramFiles%\Dell\MyDell\Updater\MyDell.Updater.exe (No File)
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{02f99b13-b4a2-e116-29df-b7441da8d960}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.Systray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.ThickClient.exe" -ToastActivated => No File
FirewallRules: [{4B651BEF-61A0-4EBF-B956-1A1BDF5480F6}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{372C52D4-17BB-4BE3-9BE1-DE541C9497FA}] => (Allow) C:\Users\jenfr\AppData\Roaming\Zoom\bin\airhost.exe => No File
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C77AB6C0-B0CC-48DB-9307-AAD139861E27} - System32\Tasks\MyDell.Updater => %ProgramFiles%\Dell\MyDell\Updater\MyDell.Updater.exe (No File)
2024-02-11 20:07 - 2024-02-11 20:07 - 000000000 ____D C:\ProgramData\zeon
2024-02-11 20:07 - 2024-02-20 11:50 - 000000000 ____D C:\ProgramData\Nuance
2024-02-11 20:07 - 2024-02-20 11:48 - 000000000 ____D C:\ProgramData\ScanSoft
2024-02-11 20:07 - 2024-02-11 20:31 - 000000000 ____D C:\Users\jenfr\AppData\Local\Nuance
C:\Program Files (x86)\Nuance
C:\Windows\Temp
2024-02-20 13:24 - 2024-02-20 13:24 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\48efb6e00dfe354ed4139123e9b35089d2d86424274e14250c30b27cae920926
2024-02-20 13:24 - 2024-02-20 13:24 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0
2024-02-20 12:00 - 2024-02-20 12:43 - 000025438 _____ C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 12:00 - 2024-02-20 12:00 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b
2024-02-20 11:58 - 2024-02-20 11:58 - 000144867 _____ C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-20 11:58 - 2024-02-20 11:58 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-20 11:57 - 2024-02-20 11:57 - 000011196 _____ C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847
2024-02-20 11:57 - 2024-02-20 11:57 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e
2024-02-20 11:03 - 2024-02-20 11:05 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676
2024-02-20 11:03 - 2024-02-20 11:03 - 000026462 _____ C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9
2024-02-19 12:33 - 2024-02-26 14:47 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-19 12:33 - 2024-02-26 13:23 - 000031209 _____ C:\Users\jenfr\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-01 14:25 - 2024-02-09 17:07 - 000000128 _____ C:\Users\CBT_MKE\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578
2024-02-01 14:25 - 2024-02-09 17:04 - 000023390 _____ C:\Users\CBT_MKE\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3
2024-02-01 11:46 - 2024-02-01 11:46 - 000002260 _____ C:\Users\CBT_MKE\AppData\LocalLow\e7cc40f51e4c3980d50372beb28d8d931dd6df11132245b06d72bea14a9bee18
2024-01-27 11:14 - 2024-01-27 11:14 - 000002260 _____ C:\Users\jenfr\AppData\LocalLow\126014fef63f2dff36f1fc26cfb7c085ebf4ea9543a703cfe75d5e45d8607cb2
2024-02-26 15:12 - 2024-01-24 16:27 - 000025438 _____ C:\Users\jenfr\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-26 15:11 - 2024-01-24 16:37 - 000016781 _____ C:\Users\CBT_MKE\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 11:05 - 2024-01-24 16:29 - 000033164 _____ C:\Users\jenfr\AppData\LocalLow\30fe1ad87c7a915f35214d537895d60e85a488378022b8dff9a42476846a224e
2024-02-20 13:24 - 2024-02-20 13:24 - 000000026 _____ C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0
2024-02-20 12:00 - 2024-02-20 12:43 - 000025438 _____ C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f
2024-02-20 12:00 - 2024-02-20 12:00 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b
2024-02-20 11:58 - 2024-02-20 11:58 - 000144867 _____ C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885
2024-02-20 11:58 - 2024-02-20 11:58 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62
2024-02-20 11:57 - 2024-02-20 11:57 - 000011196 _____ C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847
2024-02-20 11:57 - 2024-02-20 11:57 - 000000026 _____ C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e
2024-02-20 11:03 - 2024-02-20 11:05 - 000000128 _____ C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676
2024-02-20 11:03 - 2024-02-20 11:03 - 000026462 _____ C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9
Powershell: Set-MpPreference -EnableControlledFolderAccess Disabled
Powershell: Set-MpPreference -DisableRealtimeMonitoring $true
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log"
cmd: del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db"
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [15B9394991615A45B79180EAB8EC21E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D
2024-02-18 14:35 - 2024-02-19 15:03 - 000020064 ____A [22B835438A84A8CF5C4E675ED1A974F9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A
2024-02-26 15:11 - 2024-02-26 15:11 - 000108344 ____A [4FEEDD36D21AB4CE536F5ABB1A15F271] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC
2024-02-18 18:31 - 2024-02-18 18:31 - 000003832 ____A [A260EEBAF5D72806E420A09A746C6096] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C
2024-02-20 11:54 - 2024-02-21 12:28 - 000006784 ____A [08502259B3C190802E278C2C098999AF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D
2024-02-26 15:11 - 2024-02-26 15:11 - 000008256 ____A [063CB81D85616E691C7D16EF5B3EED31] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
2024-02-20 11:54 - 2024-02-21 12:28 - 000108344 ____A [048FD88C3BCFC9A2B42FE1D1DB27BF4A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F
2024-02-18 18:28 - 2024-02-19 18:28 - 000003872 ____A [CA0E5E2BEB774AAF4325E8168931C27F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FA543CCCE2FACB6583411060F087C1FD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0
2024-02-18 18:30 - 2024-02-18 18:30 - 000002360 ____A [C1A04AE40F1412CB57AE7018A1BA77FC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [4D45C38C578ADBFF98EA9EF77904D912] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0
2024-02-19 21:43 - 2024-02-21 00:22 - 000108344 ____A [60B113A6FFEB781010BD3B504E5470E9] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6
2024-02-20 13:41 - 2024-02-20 13:41 - 000006744 ____A [84036B229E2BCDB6ED813E020D87CB6A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78
2024-02-18 14:32 - 2024-02-19 15:03 - 000017120 ____A [2C67165C98251DDCFB59EFC773827473] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
2024-02-18 18:30 - 2024-02-19 18:35 - 000005344 ____A [0BD896031FB62F9058AA35E153673C34] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301
2024-02-20 15:25 - 2024-02-25 15:34 - 000108344 ____A [981323C7A3566B450AD950492DEF4D55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0
2024-02-18 18:30 - 2024-02-19 18:35 - 000003872 ____A [66CD84FE85396848DCAB320B50B3DA83] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E
2024-02-18 12:41 - 2024-02-19 13:01 - 000002400 ____A [51E7B98BF88D547737191D134EE6F412] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [FFA1049B0288079D474E747E813A9B33] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678
2024-02-18 18:28 - 2024-02-19 18:28 - 000002400 ____A [8DE298FCC2E594964133730F48DCEA80] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [6851C9D25CCABBFDE909EC4C37709D4D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B
2024-02-18 11:45 - 2024-02-19 12:01 - 000002400 ____A [976C9A5BEFD6C1656B04BE8B3D938F2F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
2024-02-18 13:43 - 2024-02-19 14:01 - 000003872 ____A [23F5569DFABC24CB6FD89F9EEF2363E0] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068
2024-02-26 12:46 - 2024-02-26 12:46 - 000008256 ____A [3B502633F119E49D0F5FC0EB382F7D32] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D
2024-02-20 12:44 - 2024-02-21 12:50 - 000006784 ____A [6BAED2F2FA4585FA8E9B4A424D90A5EE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE
2024-02-19 20:44 - 2024-02-21 00:22 - 000108344 ____A [D844F7B1FB0787B779F36DA407BFBD40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [453714E3D28A0396AEE8BD4EDDC3BEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0
2024-02-18 18:27 - 2024-02-19 18:28 - 000003872 ____A [0C45B546407CC366A537FB2FDAE67741] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57
2024-02-18 14:36 - 2024-02-19 15:03 - 000002400 ____A [42E2644D9207518D2E414F4E0B8F0B74] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [0B70422A4F8D1913457DBD46FCAA6A1F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [CF6478E962D15D92334E2DDBAC357833] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67
2024-02-18 12:41 - 2024-02-19 13:01 - 000012704 ____A [AD4CC2480E00E0887079DAB67A493BFC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409
2024-02-18 11:37 - 2024-02-19 12:01 - 000002400 ____A [8A6F552706C3BE7915A1755147892466] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0
2024-02-18 18:30 - 2024-02-19 18:35 - 000002400 ____A [7AE7DFC3999875BBD39788280A1481A2] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5
2024-02-20 12:44 - 2024-02-20 12:44 - 000003800 ____A [F3940BF3B6C15780ED742B3527ECCC55] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [A52DD030E0DB7417A0E95BA0807119CA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D
2024-02-18 13:45 - 2024-02-19 14:01 - 000002400 ____A [A6365CF0712028409751AD1ECF57D472] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1
2024-02-20 15:25 - 2024-02-25 15:34 - 000008256 ____A [1C076998EE7FAA221D665B6DC76E8AE6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
2024-02-18 13:43 - 2024-02-19 14:01 - 000002400 ____A [F57D163C3F4912385FE8F204F53995DA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3
2024-02-19 20:24 - 2024-02-21 00:22 - 000006784 ____A [32A27DFAD9CAA9F1355CBB902E1DD1D5] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [92EB3B6CFFDD76E2FD5F0E3A237B7BAA] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [8265840D88E21A5494BF0E5EFBD8965E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [B1A049750A7A7D40765F30791BE16FF7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058
2024-02-18 12:41 - 2024-02-19 13:01 - 000003872 ____A [1998B18AF0E550DFBDE4F5289CA8B1B6] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F
2024-02-20 13:41 - 2024-02-20 13:41 - 000108304 ____A [7DC9DF306A776E0362D023AB251D7DE1] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A
2024-02-18 18:31 - 2024-02-19 18:35 - 000015648 ____A [6BA6C0B7AEC29A47CC0DB79684051B5D] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
2024-02-18 14:32 - 2024-02-19 15:03 - 000002400 ____A [C07C97983D157EB7D5E481C1805516CD] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3
2024-02-19 20:44 - 2024-02-21 00:22 - 000006784 ____A [89E0055D624C5ADEEEED090F40FFFDA7] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD
2024-02-18 14:33 - 2024-02-19 15:03 - 000002400 ____A [2B381BB210A72DCBF7560C678FE484DE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C
2024-02-18 14:35 - 2024-02-18 14:35 - 000002360 ____A [73E8FF15A4E70BC69B9501EFC6A9D9B3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876
2024-02-19 21:43 - 2024-02-21 00:22 - 000006784 ____A [67817122AEE55DA12E5D0474F4067D98] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7
2024-02-18 12:42 - 2024-02-19 13:01 - 000006808 ____A [AF45144D52BD01545E22B92321C33400] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93
2024-02-18 12:45 - 2024-02-19 13:01 - 000002400 ____A [46B2ADE443C83EDFFBD07043074B7E9F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C
2024-02-18 14:35 - 2024-02-19 15:03 - 000002400 ____A [B2A62B6EDDC3D5BE35F977589036568E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
2024-02-18 18:27 - 2024-02-19 18:27 - 000006816 ____A [5775456E6F90EC701BB60061E52FC96F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E
2024-02-19 18:59 - 2024-02-21 00:22 - 000006784 ____A [D54055932DD0B7469D128ECF832D618F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5
2024-02-18 14:35 - 2024-02-19 15:03 - 000003872 ____A [96FFF397248C271813A1405031419D15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83
2024-02-26 12:46 - 2024-02-26 12:46 - 000108344 ____A [9C5472C783906413CFBC27A4E67DA28B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF
2024-02-20 14:40 - 2024-02-25 15:34 - 000108344 ____A [D7FFADFC32E29AC3FB16924D1C77092E] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E
2024-02-20 15:15 - 2024-02-25 15:34 - 000008256 ____A [EBB0275C56F534FE4931A36232B5ACFF] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E
2024-02-19 18:59 - 2024-02-21 00:22 - 000103928 ____A [2E99357DCD32CFE90F98E137B076EE2B] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0
2024-02-19 20:24 - 2024-02-19 20:24 - 000003800 ____A [F3D99D4AE6853F7F33BBB3CFDB07C8AC] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
2024-02-20 11:01 - 2024-02-21 11:27 - 000006784 ____A [72199776A4F59DFDB0062F91DB447A15] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D
2024-02-20 12:44 - 2024-02-21 12:50 - 000108344 ____A [531CCF03F528A4CE42BF63CC3400E079] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E
2024-02-18 11:46 - 2024-02-19 12:01 - 000002400 ____A [3480DEC19723B84BD622C1EEE367C70F] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8
2024-02-18 10:39 - 2024-02-19 11:01 - 000002400 ____A [9D6925F8E61A6E4E60EC9C86DBB69A38] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1
2024-02-20 14:40 - 2024-02-25 15:34 - 000008256 ____A [7C679B28B15E670561D6970FAA8CD86A] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0
2024-02-20 15:15 - 2024-02-25 15:34 - 000108344 ____A [2F7BF224F5796BAE669E722FEE0AB997] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44
2024-02-18 14:32 - 2024-02-19 15:03 - 000003872 ____A [FB62C2E18DDC48940E548BA713632546] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D
2024-02-20 18:18 - 2024-02-25 15:34 - 000108344 ____A [66580B8CAA0C51AE2DC1D988D48FD257] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
2024-02-20 11:01 - 2024-02-21 11:27 - 000108344 ____A [BD25A91D7FFDDEBBA55C6DA804E24B40] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159
2024-02-20 18:18 - 2024-02-25 15:34 - 000008256 ____A [D53B165E8894CB61CBA047EEF5CDF9CE] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129
2024-02-26 15:06 - 2024-02-26 15:07 - 000108344 ____A [6AB6BA9D57F064DC77295EDCCC32D714] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666
2024-02-19 20:24 - 2024-02-21 00:22 - 000033272 ____A [DA6AF6C37C6A776C7EBF39B01FC8C379] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881
2024-02-18 12:42 - 2024-02-19 13:01 - 000002400 ____A [0203AEDBDD04BD84FE07547B73F8F423] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE
2024-02-26 15:06 - 2024-02-26 15:07 - 000008256 ____A [9A3233C9D3B60DAC3ABFCFD2169A8C94] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91
2024-02-18 18:27 - 2024-02-19 18:28 - 000020064 ____A [3F525326577E21C49A0DCD6A944BEEB3] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD
2024-02-18 18:31 - 2024-02-19 18:35 - 000002400 ____A [F31331887FC8EAF3E434FA751A895EE4] () C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF
Powershell: Set-MpPreference -EnableControlledFolderAccess Enabled
Powershell: Set-MpPreference -DisableRealtimeMonitoring $false
Powershell: Get-MpThreatDetection
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
Emptytemp:
End::
*****************

SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C77AB6C0-B0CC-48DB-9307-AAD139861E27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C77AB6C0-B0CC-48DB-9307-AAD139861E27}" => removed successfully
C:\WINDOWS\System32\Tasks\MyDell.Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MyDell.Updater" => removed successfully
HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{02f99b13-b4a2-e116-29df-b7441da8d960} => removed successfully
HKU\S-1-5-21-883358396-3808688255-3020804061-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B651BEF-61A0-4EBF-B956-1A1BDF5480F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{372C52D4-17BB-4BE3-9BE1-DE541C9497FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C77AB6C0-B0CC-48DB-9307-AAD139861E27}" => not found
"C:\WINDOWS\System32\Tasks\MyDell.Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MyDell.Updater" => not found

"C:\ProgramData\zeon" folder move:

C:\ProgramData\zeon => moved successfully

"C:\ProgramData\Nuance" folder move:

C:\ProgramData\Nuance => moved successfully

"C:\ProgramData\ScanSoft" folder move:

C:\ProgramData\ScanSoft => moved successfully

"C:\Users\jenfr\AppData\Local\Nuance" folder move:

C:\Users\jenfr\AppData\Local\Nuance => moved successfully
"C:\Program Files (x86)\Nuance" => not found

"C:\Windows\Temp" folder move:

Could not move "C:\Windows\Temp" => Scheduled to move on reboot.

C:\Users\jenfr\AppData\LocalLow\48efb6e00dfe354ed4139123e9b35089d2d86424274e14250c30b27cae920926 => moved successfully
C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0 => moved successfully
C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f => moved successfully
C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b => moved successfully
C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885 => moved successfully
C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62 => moved successfully
C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847 => moved successfully
C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e => moved successfully
C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676 => moved successfully
C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9 => moved successfully
C:\Users\jenfr\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578 => moved successfully
C:\Users\jenfr\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3 => moved successfully
C:\Users\CBT_MKE\AppData\LocalLow\69a789ecc2248ac851c5b7748341e0df97b19b51fc48632a1b8629e8974d6578 => moved successfully
C:\Users\CBT_MKE\AppData\LocalLow\e2e71d94b4a2d1ac543c9730c8edeb3f9c24f3df239f5830d59588abcd2d97d3 => moved successfully
C:\Users\CBT_MKE\AppData\LocalLow\e7cc40f51e4c3980d50372beb28d8d931dd6df11132245b06d72bea14a9bee18 => moved successfully
C:\Users\jenfr\AppData\LocalLow\126014fef63f2dff36f1fc26cfb7c085ebf4ea9543a703cfe75d5e45d8607cb2 => moved successfully
C:\Users\jenfr\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f => moved successfully
C:\Users\CBT_MKE\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f => moved successfully
C:\Users\jenfr\AppData\LocalLow\30fe1ad87c7a915f35214d537895d60e85a488378022b8dff9a42476846a224e => moved successfully
"C:\Users\jenfr\AppData\LocalLow\da7068dc0fa153cbfafb66cba6e437fe55284af4bd99acf3dea49367f07092b0" => not found
"C:\Users\Boss\AppData\LocalLow\1abc63b7c987f217521b29e18445c9b2a0b8a27bd4397fcda74dd662205af57f" => not found
"C:\Users\Boss\AppData\LocalLow\fd153706050abcf0886e001cfa6502f84dcec6faebb4c413e24263d44a873e5b" => not found
"C:\Users\Boss\AppData\LocalLow\eda39b108ad638a48a673331ae068f49baf340b2c89c11e017eca6260bfb2885" => not found
"C:\Users\Boss\AppData\LocalLow\7b5173d5fafc7ca7c2520d2a81837743e862da40c610545fd677456daf0b5c62" => not found
"C:\Users\Boss\AppData\LocalLow\5752342e1f6b5997da6bd26b4ee1e88066d4516920bf2256a193be7e50a78847" => not found
"C:\Users\Boss\AppData\LocalLow\283c655cd507333ccf40a7d3581da4ba21fa601ca8cc530b458d2a49ad7b4b8e" => not found
"C:\Users\jenfr\AppData\LocalLow\3e159baba4b2bab46a762f3691e863f7bb0f762734abbe34a54a265ba13a1676" => not found
"C:\Users\jenfr\AppData\LocalLow\5f4d94ed6a04f6b82b9d20d874086d16e1dc9a62e8fe9d5226147ebb3f6b63f9" => not found

========= Set-MpPreference -EnableControlledFolderAccess Disabled =========

========= End of Powershell: =========

========= Set-MpPreference -DisableRealtimeMonitoring $true =========

========= End of Powershell: =========

========= del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log" =========

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log

========= End of CMD: =========

========= del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log" =========

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log

========= End of CMD: =========

========= del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log" =========

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log

========= End of CMD: =========

========= del /f /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db" =========

C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db

========= End of CMD: =========

Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF" => Scheduled to move on reboot.

========= Set-MpPreference -EnableControlledFolderAccess Enabled =========

========= End of Powershell: =========

========= Set-MpPreference -DisableRealtimeMonitoring $false =========

========= End of Powershell: =========

PART 2

========= Get-MpThreatDetection =========

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:44 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:50 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:50 PM
Resources                      : {file:_C:\Windows\Temp\PF600A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2167A3E2-7832-4393-8E58-8BBD7117C1AD}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:59 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:30 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:30 PM
Resources                      : {file:_C:\Windows\Temp\PF1444.pdf, file:_C:\Windows\Temp\PF18F8.pdf,
                                 file:_C:\Windows\Temp\PF1E.pdf, file:_C:\Windows\Temp\PF1E58.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B92B57DE-3842-49BE-AF23-9B485896F7CE}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:17 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:24 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:24 PM
Resources                      : {file:_C:\Windows\Temp\PF72E2.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {F2EFD63E-0253-4A44-891B-BC4C4DBD5F91}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 3:07:00 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:07:00 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0322EDA7-BED4-4CAB-99FF-C087720AC7B0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 2:40:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 2:40:18 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {06A990B0-C3E9-439E-A614-6ABC13659C44}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 3:15:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:15:32 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2E73BCE7-2246-437E-850D-1B2AE165926D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:29 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:38 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:38 PM
Resources                      : {file:_C:\Windows\Temp\PF5705.pdf, file:_C:\Windows\Temp\PF5E6A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 6:18:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 6:18:22 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {64272F82-0873-4C8F-8F18-428573E6A159}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 11:01:56 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:01:56 AM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8E43E3BD-1094-48FD-90DC-D0DD191B1129}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 6:18:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 6:18:22 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {C0403A41-F87E-4E1C-A77E-591739EF7666}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 3:07:00 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:07:00 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FD9D98E3-70EE-4AB1-84B0-0F1030B4E881}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/19/2024 8:24:16 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:24:16 PM
Resources                      : {file:_C:\Windows\Temp\PF150D.pdf, file:_C:\Windows\Temp\PF3E9.pdf,
                                 file:_C:\Windows\Temp\PF6079.pdf, file:_C:\Windows\Temp\PF60C.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {72E37C91-50A7-4ABC-A6E9-824A7307D7E1}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 10:39:20 AM
LastThreatStatusChangeTime     : 2/18/2024 10:39:26 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 10:39:26 AM
Resources                      : {file:_C:\Windows\Temp\PFC56D.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {19D774AC-2CCD-4949-907B-9E5990151EF9}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2346C56E-6591-4B54-A2CD-14BF6A10E72D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 11:01:56 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:01:56 AM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {44E8F266-EB5E-42C6-AC2C-981EBCF9443E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 12:44:38 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 12:44:38 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {E195CA70-2BA8-4D48-8500-0920CF5BB1D8}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:46:02 AM
LastThreatStatusChangeTime     : 2/18/2024 11:46:09 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:46:09 AM
Resources                      : {file:_C:\Windows\Temp\PFD939.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {5635FAE5-C201-4EDC-9E45-9A2934D53C83}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:41 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:49 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:49 PM
Resources                      : {file:_C:\Windows\Temp\PF3D5B.pdf, file:_C:\Windows\Temp\PF4A2D.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {61C556E3-16B7-4C54-89B5-22CBB7BC08DF}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 12:46:27 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 12:46:27 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A3A14702-6785-49B2-88F1-6D48A28C4C6E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 2:40:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 2:40:18 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 3:15:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:15:32 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {DC649A37-7729-4D0B-B11C-E6C37634E0D0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/19/2024 6:59:19 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 6:59:19 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {10AA97DE-D619-4CB4-98D0-B897482DF9BD}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 8:44:47 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:44:47 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {218E2A9C-ADF8-44DB-8B85-2072C5764C2C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:33:04 PM
LastThreatStatusChangeTime     : 2/18/2024 2:33:10 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:33:10 PM
Resources                      : {file:_C:\Windows\Temp\PFDFAD.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {22D796C3-75E5-4F00-BD5F-DC6540448876}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:48 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:48 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF6079.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 9:43:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 9:43:20 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7C3C7A6C-784F-41E7-B46F-9331478F9B93}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:49 PM
LastThreatStatusChangeTime     : 2/18/2024 12:43:09 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:43:09 PM
Resources                      : {file:_C:\Windows\Temp\PF150D.pdf, file:_C:\Windows\Temp\PF8.pdf,
                                 file:_C:\Windows\Temp\PFD1B.pdf, file:_C:\Windows\Temp\PFF007.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A0FFFFBB-08A0-45A0-BF89-20D294CF146C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:45:04 PM
LastThreatStatusChangeTime     : 2/18/2024 12:45:11 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:45:11 PM
Resources                      : {file:_C:\Windows\Temp\PFF94F.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A2321AAA-3188-4B28-82EC-DA6D402D0C8F}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:11 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:17 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:17 PM
Resources                      : {file:_C:\Windows\Temp\PFCD6A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {B8B4A18A-97C2-4569-A2B0-86F63A842C0E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:43 PM
LastThreatStatusChangeTime     : 2/18/2024 6:27:57 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:27:57 PM
Resources                      : {file:_C:\Windows\Temp\PFB26A.pdf, file:_C:\Windows\Temp\PFBBA3.pdf,
                                 file:_C:\Windows\Temp\PFC057.pdf, file:_C:\Windows\Temp\PFCE44.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {F087D243-A092-4A7E-AB7C-1CD84A1BD6A5}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 6:59:19 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 6:59:19 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {240CC862-0440-4CFF-931F-F02827E0C52F}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:31 PM
LastThreatStatusChangeTime     : 2/18/2024 12:41:41 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:41:41 PM
Resources                      : {file:_C:\Windows\Temp\PFBA24.pdf, file:_C:\Windows\Temp\PFC7A3.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7BA422C8-245F-457B-8626-6D68E698C36A}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 1:41:15 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {889D6D11-9284-4478-A34A-C010115B8435}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:07 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:28 PM
Resources                      : {file:_C:\Windows\Temp\PF3E9.pdf, file:_C:\Windows\Temp\PF60C.pdf,
                                 file:_C:\Windows\Temp\PFCF4F.pdf, file:_C:\Windows\Temp\PFD461.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {E07D5B87-2450-492C-8798-9074698DE7E3}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:45 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:51 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:51 PM
Resources                      : {file:_C:\Windows\Temp\PF945A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:58 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:04 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:04 PM
Resources                      : {file:_C:\Windows\Temp\PF8679.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:48 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:55 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:55 PM
Resources                      : {file:_C:\Windows\Temp\PFED76.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {28AA50B2-ACD0-4103-BD6C-F5343B9C7F11}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:07 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:14 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:14 PM
Resources                      : {file:_C:\Windows\Temp\PF4A13.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {09B158F2-543A-4D06-89C6-E98060E3186D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:11 PM
LastThreatStatusChangeTime     : 2/18/2024 2:35:18 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:35:18 PM
Resources                      : {file:_C:\Windows\Temp\PFCFEC.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {17013DD6-AC6A-47B5-86CF-AD8679A92BF1}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:45:13 PM
LastThreatStatusChangeTime     : 2/18/2024 1:45:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:45:20 PM
Resources                      : {file:_C:\Windows\Temp\PFBA1.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {63971D81-CD75-467D-BCB9-3CFB46E496D7}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/20/2024 3:25:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:25:32 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8D85791B-1198-419A-8CDB-0A99006E28B3}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:43:16 PM
LastThreatStatusChangeTime     : 2/18/2024 1:43:23 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:43:23 PM
Resources                      : {file:_C:\Windows\Temp\PF4824.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/19/2024 8:24:16 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:24:16 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0C5404B8-ECF9-4EE5-AA85-23E16586EF67}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:56 PM
LastThreatStatusChangeTime     : 2/18/2024 12:43:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:43:03 PM
Resources                      : {file:_C:\Windows\Temp\PFA8A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7B6A300C-28F7-4859-848C-576A0DACE409}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:55 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:26 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:26 PM
Resources                      : {file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf,
                                 file:_C:\Windows\Temp\PF3270.pdf, file:_C:\Windows\Temp\PF3ACF.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7BF94CE5-3856-4162-83B0-72BE27DD84B0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:37:17 AM
LastThreatStatusChangeTime     : 2/18/2024 11:37:24 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:37:24 AM
Resources                      : {file:_C:\Windows\Temp\PFD938.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {7DD7E251-4FE1-4F92-B3B4-4CAC022747E5}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:26 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:30:32 PM
Resources                      : {file:_C:\Windows\Temp\PF2F3A.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {27984321-6B4F-4DA7-8437-B0430BD41E8B}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/19/2024 8:44:47 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 8:44:47 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8923FF7B-4878-4DE5-9C49-81AC372CB1D0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:00 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:07 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:07 PM
Resources                      : {file:_C:\Windows\Temp\PF2FDF.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AF846D2E-B6BA-4208-BBFB-B92A99532A57}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:27:57 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:06 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:06 PM
Resources                      : {file:_C:\Windows\Temp\PFEA0E.pdf, file:_C:\Windows\Temp\PFF5BB.pdf}
ThreatID                       : 2147763059
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {CA02B8B5-4532-42E1-9122-95FEA8F22FCA}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:36:35 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:41 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:41 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {CA9A60EA-E034-4801-83AE-5777B092DD48}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 10:39:21 AM
LastThreatStatusChangeTime     : 2/18/2024 10:39:28 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 10:39:28 AM
Resources                      : {file:_C:\Windows\Temp\PFCFAF.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0168BA18-4D4E-4ACB-8832-8D9F2421696D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 12:46:27 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 12:46:27 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {787BE465-1E5A-4932-8F2F-4BECE50C08EE}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 12:44:39 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 12:44:39 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {2095979F-C188-465C-85A4-A2EEF414E678}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:22 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:28 PM
Resources                      : {file:_C:\Windows\Temp\PF3CD4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {705DC510-FB9A-4E19-B99D-9FF106042EB9}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:28:01 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:08 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:08 PM
Resources                      : {file:_C:\Windows\Temp\PFFBF6.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {9F50E5F3-1487-47D3-A7E7-85382DE8186B}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:45:45 AM
LastThreatStatusChangeTime     : 2/18/2024 11:45:52 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:45:52 AM
Resources                      : {file:_C:\Windows\Temp\PF9BCD.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AB03C979-2A02-4F10-8A68-2F48C96B6A34}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:45:44 AM
LastThreatStatusChangeTime     : 2/18/2024 11:45:50 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:45:50 AM
Resources                      : {file:_C:\Windows\Temp\PF8B23.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {DA396ED2-0710-473C-AC20-677450AC5068}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 1:43:14 PM
LastThreatStatusChangeTime     : 2/18/2024 1:43:26 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 1:43:26 PM
Resources                      : {file:_C:\Windows\Temp\PF3FE4.pdf, file:_C:\Windows\Temp\PF4AA5.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {4E4472EB-4AD0-44F3-9C34-DCC3085B9B78}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 1:41:15 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {619EA068-3DC1-45DF-928E-292C176A15A9}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:43 PM
LastThreatStatusChangeTime     : 2/18/2024 2:33:13 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:33:13 PM
Resources                      : {file:_C:\Windows\Temp\PF8A93.pdf, file:_C:\Windows\Temp\PF9862.pdf,
                                 file:_C:\Windows\Temp\PFAB9E.pdf, file:_C:\Windows\Temp\PFB0B0.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {661E4FD9-CBCD-4FA8-8CE6-7BBF74625301}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:53 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:04 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:31:04 PM
Resources                      : {file:_C:\Windows\Temp\PF922B.pdf, file:_C:\Windows\Temp\PFA5D5.pdf,
                                 file:_C:\Windows\Temp\PFA8C4.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {66734316-77A6-4701-A87C-2B2647A6E2A0}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 3:25:31 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 3:25:31 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {A0D34A26-D7D7-4614-B286-536E502DAF8E}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:26 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:36 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:30:36 PM
Resources                      : {file:_C:\Windows\Temp\PF31CC.pdf, file:_C:\Windows\Temp\PF3A98.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {D1A19F8E-AAAD-4A4A-95B6-3105F3E14054}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:41:33 PM
LastThreatStatusChangeTime     : 2/18/2024 12:41:39 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:41:39 PM
Resources                      : {file:_C:\Windows\Temp\PFC4A5.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {48AE6C47-8D2A-4974-BC51-91C80A2A07D7}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/18/2024 6:30:32 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PF46EE.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {55F9DC82-F73C-413C-8DC5-386D98D6A8D0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 12:42:29 PM
LastThreatStatusChangeTime     : 2/18/2024 12:42:35 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 12:42:35 PM
Resources                      : {file:_C:\Windows\Temp\PF98FB.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {FE41773B-4573-43B8-B51F-13AE05A460D6}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/19/2024 9:43:20 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/19/2024 9:43:20 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0FFD7B17-8F57-4205-BE70-83CB6513970F}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/20/2024 11:54:46 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:54:46 AM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {612B4987-A487-4629-91F2-87044198CA30}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:28:21 PM
LastThreatStatusChangeTime     : 2/18/2024 6:28:28 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 6:28:28 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF4891.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {8BC127E9-820D-4324-8515-A7CFC9BB75E0}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:32:40 PM
LastThreatStatusChangeTime     : 2/18/2024 2:32:50 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:32:50 PM
Resources                      : {file:_C:\Windows\Temp\PF7FC2.pdf, file:_C:\Windows\Temp\PF8E3D.pdf}
ThreatID                       : 2147763059
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {585465EC-D86C-4C2D-9726-79160A2B9983}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/20/2024 1:41:15 PM
LastThreatStatusChangeTime     : 2/26/2024 3:11:46 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:11:46 PM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFC4A5.pdf...}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {0F2469C8-A0F7-4113-B2D5-54AC8327F83D}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 11:46:03 AM
LastThreatStatusChangeTime     : 2/18/2024 11:46:11 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 11:46:11 AM
Resources                      : {file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {3FB1222C-D66A-462B-9C79-BFDA7205F09A}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 2:35:49 PM
LastThreatStatusChangeTime     : 2/18/2024 2:36:22 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/18/2024 2:36:22 PM
Resources                      : {file:_C:\Windows\Temp\PF628E.pdf, file:_C:\Windows\Temp\PF6D7C.pdf,
                                 file:_C:\Windows\Temp\PF7BB8.pdf, file:_C:\Windows\Temp\PF890A.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {81CEF074-05C0-4C02-B743-39D01F6E5CBC}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:31:03 PM
LastThreatStatusChangeTime     : 2/26/2024 3:11:45 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/26/2024 3:11:45 PM
Resources                      : {file:_C:\Windows\Temp\PF14F4.pdf, file:_C:\Windows\Temp\PF150D.pdf,
                                 file:_C:\Windows\Temp\PF1ADB.pdf, file:_C:\Windows\Temp\PF2771.pdf...}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 9
CurrentThreatExecutionStatusID : 1
DetectionID                    : {88848C46-D049-4F06-9F56-3139CCAD3E5C}
DetectionSourceTypeID          : 3
DomainUser                     : NT AUTHORITY\SYSTEM
InitialDetectionTime           : 2/18/2024 6:31:02 PM
LastThreatStatusChangeTime     : 2/18/2024 6:31:03 PM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                :
Resources                      : {file:_C:\Windows\Temp\PFBE26.pdf, file:_C:\Windows\Temp\PFC03A.pdf}
ThreatID                       : 2147735503
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 106
PSComputerName                 :

ActionSuccess                  : True
AdditionalActionsBitMask       : 0
AMProductVersion               : 4.18.24010.12
CleaningActionID               : 3
CurrentThreatExecutionStatusID : 1
DetectionID                    : {AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D}
DetectionSourceTypeID          : 3
DomainUser                     :
InitialDetectionTime           : 2/18/2024 6:30:32 PM
LastThreatStatusChangeTime     : 2/20/2024 11:54:47 AM
ProcessName                    : C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
RemediationTime                : 2/20/2024 11:54:47 AM
Resources                      : {file:_C:\Windows\Temp\PF4592.pdf, file:_C:\Windows\Temp\PF46EE.pdf,
                                 file:_C:\Windows\Temp\PF4891.pdf, file:_C:\Windows\Temp\PFE427.pdf}
ThreatID                       : 2147772967
ThreatStatusErrorCode          : 0
ThreatStatusID                 : 4
PSComputerName                 :

========= End of Powershell: =========

========= sfc /scannow =========

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 0% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

========= End of CMD: =========

========= DISM /Online /Cleanup-Image /CheckHealth =========

Deployment Image Servicing and Management tool
Version: 10.0.22621.2792

Image Version: 10.0.22631.3155

No component store corruption detected.
The operation completed successfully.

========= End of CMD: =========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9510598 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 334037233 B
Edge => 0 B
Firefox => 1672513152 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 167919995 B
systemprofile32 => 167919995 B
LocalService => 168786491 B
NetworkService => 169061765 B
jenfr => 856527805 B
Boss => 893047478 B
CBT_MKE => 911126304 B

RecycleBin => 101683219 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-02-2024 09:19:57)

C:\Windows\Temp => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91 => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF => Could not move

==== End of Fixlog 09:19:57 ====

Back to top"> Back to top

#8 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 28 February 2024 - 12:33 PM

The system is not allowing us access to some information. We need to complete things a different way.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix From Recovery Partition

--------------------

Download Farbar Recover Scan Tool for 64 bit systems and save it to a USB device
Click Start, type Notepad, then hit Enter
Copy and paste the below into the open Notepad document

C:\Windows\Temp
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db

Save the Notepad document onto your USB device as Fixlist.txt
Insert the USB device into your compromised computer
Holding down the Shift Key click Start, click the power icon, then select Reboot
Click Troubleshoot
Click Advanced options
Click Command Prompt
Choose an account to continue
If necessary, enter the password then hit Continue
In the command window type in Notepad and press Enter
Under File menu select Open
Select This PC and double click on your USB drive letter
Next to Files of type: select All Files
Right click on the FRST icon and select Run as administrator
Click Yes to disclaimer that may appear
Press Fix button
A fixlog.txt file will be saved on the USB drive
Reboot your computer then copy and paste the contents of Fixlog.txt your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#9 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 28 February 2024 - 04:06 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by SYSTEM (28-02-2024 14:51:15) Run:3
Running from D:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
C:\Windows\Temp
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD
C:\ProgramData\Microsoft\Windows
Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
*****************

C:\Windows\Temp => Could not move
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\0F2469C8-A0F7-4113-B2D5-54AC8327F83D => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\3FB1222C-D66A-462B-9C79-BFDA7205F09A => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\81CEF074-05C0-4C02-B743-39D01F6E5CBC => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\88848C46-D049-4F06-9F56-3139CCAD3E5C => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\00\AE02AAA3-145B-42C8-85A6-AFAF3EE3BB0D => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\0FFD7B17-8F57-4205-BE70-83CB6513970F => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\612B4987-A487-4629-91F2-87044198CA30 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\02\8BC127E9-820D-4324-8515-A7CFC9BB75E0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\48AE6C47-8D2A-4974-BC51-91C80A2A07D7 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\55F9DC82-F73C-413C-8DC5-386D98D6A8D0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\03\FE41773B-4573-43B8-B51F-13AE05A460D6 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\4E4472EB-4AD0-44F3-9C34-DCC3085B9B78 => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\661E4FD9-CBCD-4FA8-8CE6-7BBF74625301 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\66734316-77A6-4701-A87C-2B2647A6E2A0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\A0D34A26-D7D7-4614-B286-536E502DAF8E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\D1A19F8E-AAAD-4A4A-95B6-3105F3E14054 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\2095979F-C188-465C-85A4-A2EEF414E678 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\705DC510-FB9A-4E19-B99D-9FF106042EB9 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\9F50E5F3-1487-47D3-A7E7-85382DE8186B => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\DA396ED2-0710-473C-AC20-677450AC5068 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\0168BA18-4D4E-4ACB-8832-8D9F2421696D => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\07\787BE465-1E5A-4932-8F2F-4BECE50C08EE => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\27984321-6B4F-4DA7-8437-B0430BD41E8B => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\8923FF7B-4878-4DE5-9C49-81AC372CB1D0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\AF846D2E-B6BA-4208-BBFB-B92A99532A57 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA02B8B5-4532-42E1-9122-95FEA8F22FCA => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\0C5404B8-ECF9-4EE5-AA85-23E16586EF67 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7B6A300C-28F7-4859-848C-576A0DACE409 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7BF94CE5-3856-4162-83B0-72BE27DD84B0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\7DD7E251-4FE1-4F92-B3B4-4CAC022747E5 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\09\AEB8BEE3-B1EE-46C6-9531-CB35A756E6AF => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\09B158F2-543A-4D06-89C6-E98060E3186D => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\17013DD6-AC6A-47B5-86CF-AD8679A92BF1 => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\8D85791B-1198-419A-8CDB-0A99006E28B3 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\FCAB6EB7-6D1A-4931-9DB3-3F73D8DA6156 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\12\28AA50B2-ACD0-4103-BD6C-F5343B9C7F11 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\0A44F5D5-D57E-44D3-AC62-9D306F2DDE0E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\7B9EAD3E-2233-4CBE-ACDA-CF1E964B4058 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\240CC862-0440-4CFF-931F-F02827E0C52F => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\7BA422C8-245F-457B-8626-6D68E698C36A => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\E07D5B87-2450-492C-8798-9074698DE7E3 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\10AA97DE-D619-4CB4-98D0-B897482DF9BD => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\218E2A9C-ADF8-44DB-8B85-2072C5764C2C => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22D796C3-75E5-4F00-BD5F-DC6540448876 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\22F660BA-1EE2-4FAC-B39C-1DD5901DEFB7 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\7C3C7A6C-784F-41E7-B46F-9331478F9B93 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A0FFFFBB-08A0-45A0-BF89-20D294CF146C => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\B8B4A18A-97C2-4569-A2B0-86F63A842C0E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\F087D243-A092-4A7E-AB7C-1CD84A1BD6A5 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\5635FAE5-C201-4EDC-9E45-9A2934D53C83 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\61C556E3-16B7-4C54-89B5-22CBB7BC08DF => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\A3A14702-6785-49B2-88F1-6D48A28C4C6E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\B1B09F1C-F3D1-44CE-A9A2-AA4AF144DB5E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\16\DC649A37-7729-4D0B-B11C-E6C37634E0D0 => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9 => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\2346C56E-6591-4B54-A2CD-14BF6A10E72D => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\44E8F266-EB5E-42C6-AC2C-981EBCF9443E => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\E195CA70-2BA8-4D48-8500-0920CF5BB1D8 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\18\72E37C91-50A7-4ABC-A6E9-824A7307D7E1 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\0322EDA7-BED4-4CAB-99FF-C087720AC7B0 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\06A990B0-C3E9-439E-A614-6ABC13659C44 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\2E73BCE7-2246-437E-850D-1B2AE165926D => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\64272F82-0873-4C8F-8F18-428573E6A159 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\8E43E3BD-1094-48FD-90DC-D0DD191B1129 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\C0403A41-F87E-4E1C-A77E-591739EF7666 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\FD9D98E3-70EE-4AB1-84B0-0F1030B4E881 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\B92B57DE-3842-49BE-AF23-9B485896F7CE => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\20\F2EFD63E-0253-4A44-891B-BC4C4DBD5F91 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\21\2167A3E2-7832-4393-8E58-8BBD7117C1AD => moved successfully
C:\ProgramData\Microsoft\Windows => Could not move
Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db => moved successfully

==== End of Fixlog 14:51:28 ====

Back to top"> Back to top

#10 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 28 February 2024 - 09:53 PM

A few of the lines did not process correctly. Please do this.

===================================================

Farbar Recovery Scan Tool Fix From Recovery Partition

--------------------

Download Farbar Recover Scan Tool for 64 bit systems and save it to a USB device
Click Start, type Notepad, then hit Enter
Copy and paste the below into the open Notepad document

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF

Save the Notepad document onto your USB device as Fixlist.txt
Insert the USB device into your compromised computer
Holding down the Shift Key click Start, click the power icon, then select Reboot
Click Troubleshoot
Click Advanced options
Click Command Prompt
Choose an account to continue
If necessary, enter the password then hit Continue
In the command window type in Notepad and press Enter
Under File menu select Open
Select This PC and double click on your USB drive letter
Next to Files of type: select All Files
Right click on the FRST icon and select Run as administrator
Click Yes to disclaimer that may appear
Press Fix button
A fixlog.txt file will be saved on the USB drive
Reboot your computer then copy and paste the contents of Fixlog.txt your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#11 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 29 February 2024 - 10:59 AM

Thank you for your persistence.

Latest fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by SYSTEM (29-02-2024 09:53:35) Run:4
Running from D:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF
*****************

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Detections.log => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\History.Log => moved successfully
"C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\Unknown.Log" => not found
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\01\585465EC-D86C-4C2D-9726-79160A2B9983 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\04\619EA068-3DC1-45DF-928E-292C176A15A9 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\06\AB03C979-2A02-4F10-8A68-2F48C96B6A34 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\08\CA9A60EA-E034-4801-83AE-5777B092DD48 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\10\63971D81-CD75-467D-BCB9-3CFB46E496D7 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\14\889D6D11-9284-4478-A34A-C010115B8435 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\15\A2321AAA-3188-4B28-82EC-DA6D402D0C8F => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\17\19D774AC-2CCD-4949-907B-9E5990151EF9 => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\19\5FAC96FE-2AE2-4F5C-A1CF-B77F28A2F04B => moved successfully
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\22\AA5FDCDC-D491-4FF2-B527-BC039A5F1DBF => moved successfully

==== End of Fixlog 09:53:35 ====

Back to top"> Back to top

#12 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 29 February 2024 - 02:45 PM

That report looks good. Run a Windows Defender scan and let me know if there are any detections.

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#13 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 29 February 2024 - 06:15 PM

Well, I do not seem to be able to run a Defender scan now. Anything I click in the Windows Security section (eg. open windows security, virus+threat protection, account protection etc) just returns to the same page....

Back to top"> Back to top

#14 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
57,028 posts
OFFLINE

Gender:Male
Location:California
Local time:07:58 PM

Posted 29 February 2024 - 09:06 PM

If you haven't done so already reboot and check it again.

If it still doesn't run complete the below.

===================================================

Farbar Service Scanner

--------------------

Download Farbar Service Scanner and save the file taking note of where the file is saved (Desktop, Downloads folder, etc.)
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

Press Scan
Please copy and paste the contents of the FSS.txt report in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

FSS.txt

Edited by Oh My!, 29 February 2024 - 09:08 PM.

Gary

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.
John 6:68-69

Back to top"> Back to top

#15 FlaxenV

Topic Starter

Members
19 posts
OFFLINE

Gender:Male
Local time:09:58 PM

Posted 01 March 2024 - 10:00 AM

I had rebooted it and tried again with no change.

Here's FSSlog.

Farbar Service Scanner Version: 30-04-2023
Ran by jenfr (administrator) on 01-03-2024 at 08:55:25
Running from "C:\Users\jenfr\Downloads"
Microsoft Windows 11 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\netbt.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\usosvc.dll => File is digitally signed
C:\Windows\System32\WaaSMedicSvc.dll => File is digitally signed
C:\Windows\System32\dosvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****