It DID let me run FRST.
Here are the latest scans:
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by KBen (administrator) on DESKTOP-O8A2EKO (19-01-2019 17:09:08)
Running from C:\Users\kebli\Desktop
Loaded Profiles: KBen (Available Profiles: KBen)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-23] (AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2018-12-12] (Intel)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-23] (AVAST Software)
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-17] (Google Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{cbdb64e4-631a-4bcb-bfd3-3b89faa0d84a}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
FireFox:
========
FF DefaultProfile: bs6lengf.default
FF ProfilePath: C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default [2019-01-19]
FF Homepage: Mozilla\Firefox\Profiles\bs6lengf.default -> |hxxps://www.yahoo.com/
FF Extension: (Avast SafePrice) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\
[email protected] [2018-04-14]
FF Extension: (Avast Online Security) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\
[email protected] [2018-08-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4169369895-2292233020-3573544003-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kebli\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default [2019-01-19]
CHR Extension: (Slides) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Sheets) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Supernova) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgpjbmbggplclldecdbpcmopmlbll [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Avast Online Security) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-03]
CHR Extension: (Yahoo Partner) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm [2018-06-07]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2019-01-19]
CHR Extension: (Instapaper) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2018-12-10]
CHR Extension: (WeatherBug) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-12-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-06]
CHR HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe [472456 2017-10-27] (AMD)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-23] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-11-23] (AVAST Software)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173784 2015-10-20] (Microsoft Corp.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-10] (PC-Doctor, Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542008 2018-10-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-10-26] ()
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-05] (Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [192232 2018-11-07] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] ()
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-10-26] (Intel® Corporation)
R3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmdag.sys [40033672 2017-10-27] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmpag.sys [536456 2017-10-27] (Advanced Micro Devices, Inc.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-19] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220688 2019-01-19] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166472 2019-01-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-19] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [143496 2018-10-13] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3586696 2018-09-26] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-19 17:09 - 2019-01-19 17:09 - 000024982 _____ C:\Users\kebli\Desktop\FRST.txt
2019-01-19 17:08 - 2019-01-19 17:08 - 002427904 _____ (Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
2019-01-19 17:08 - 2019-01-19 17:08 - 000000000 ____D C:\Users\kebli\Desktop\FRST-OlderVersion
2019-01-19 14:48 - 2019-01-19 14:54 - 000000730 _____ C:\Users\kebli\Desktop\423Lesson 8 Nurture Your Leads.txt
2019-01-19 14:48 - 2019-01-19 14:48 - 000000000 ____D C:\Users\kebli\Desktop\423Lesson 8 Nurture Your Leads
2019-01-19 11:08 - 2019-01-19 11:08 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-19 11:07 - 2019-01-19 11:07 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000166472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-19 11:07 - 2019-01-19 11:06 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000220688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-19 02:26 - 2019-01-19 02:26 - 000000000 ___HD C:\OneDriveTemp
2019-01-18 12:41 - 2019-01-19 02:22 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-18 12:41 - 2019-01-19 02:22 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-18 11:34 - 2019-01-18 11:34 - 000163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5a8df0cfd9b2b8e.tmp
2019-01-17 16:47 - 2019-01-17 16:47 - 000000000 ____D C:\Users\kebli\AppData\Local\GoTo Opener
2019-01-17 11:43 - 2019-01-19 02:12 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-16 01:46 - 2019-01-19 02:12 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-16 01:46 - 2019-01-16 01:46 - 000002369 _____ C:\Users\kebli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-10 17:58 - 2019-01-10 17:58 - 000000000 ____D C:\Users\kebli\AppData\Local\Dell Inc
2019-01-10 14:19 - 2019-01-01 07:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-10 14:19 - 2019-01-01 07:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-10 14:19 - 2019-01-01 01:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-10 14:19 - 2019-01-01 01:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-10 14:19 - 2019-01-01 01:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-10 14:19 - 2019-01-01 00:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-10 14:19 - 2019-01-01 00:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-10 14:19 - 2019-01-01 00:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-10 14:19 - 2019-01-01 00:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-10 14:19 - 2019-01-01 00:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-10 14:19 - 2019-01-01 00:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-10 14:18 - 2019-01-01 07:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-10 14:18 - 2019-01-01 07:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 07:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-10 14:18 - 2019-01-01 07:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 01:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-10 14:18 - 2019-01-01 01:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-10 14:18 - 2019-01-01 01:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-10 14:18 - 2019-01-01 01:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-10 14:18 - 2019-01-01 00:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-10 14:18 - 2019-01-01 00:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-10 14:18 - 2019-01-01 00:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-10 14:18 - 2019-01-01 00:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-10 14:18 - 2019-01-01 00:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 00:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-10 14:18 - 2019-01-01 00:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-10 14:18 - 2018-12-31 23:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-10 14:18 - 2018-12-18 22:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 00:04 - 2018-09-19 22:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 23:21 - 2019-01-19 02:22 - 000286168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-08 23:12 - 2019-01-08 23:12 - 000000000 ____D C:\Users\kebli\AppData\LocalLow\Temp
2019-01-08 13:17 - 2019-01-02 13:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-08 13:17 - 2019-01-02 13:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-05 23:02 - 2019-01-05 23:02 - 000000000 ____D C:\Users\kebli\Downloads\SupportAssistAgent
2018-12-28 19:22 - 2018-12-28 19:22 - 000017262 _____ C:\VEW_Dec28_Application.txt
2018-12-28 19:20 - 2018-12-28 19:20 - 000015163 _____ C:\VEW_Dec28.txt
2018-12-28 19:17 - 2018-12-28 19:17 - 000061440 _____ ( ) C:\Users\kebli\Desktop\VEW (1).exe
2018-12-23 12:04 - 2018-12-23 12:04 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-12-23 11:49 - 2018-12-23 11:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-12-23 11:46 - 2018-12-23 11:46 - 000000000 ____D C:\Users\kebli\Intel
2018-12-23 11:37 - 2018-12-23 11:37 - 000000000 ____D C:\Users\kebli\Downloads\Intel Driver and Support Assistant
2018-12-21 00:12 - 2019-01-19 02:12 - 000002258 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2018-12-21 00:12 - 2018-12-21 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2018-12-21 00:12 - 2018-12-21 00:12 - 000000000 ____D C:\Program Files\Rivet Networks
2018-12-20 23:43 - 2019-01-19 02:12 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-12-20 23:43 - 2018-12-20 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-12-20 23:43 - 2018-12-20 23:43 - 000000000 ____D C:\Program Files (x86)\AMD
2018-12-20 23:42 - 2018-12-20 23:42 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-12-20 23:40 - 2017-12-08 16:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-20 23:40 - 2017-12-08 16:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-20 23:40 - 2017-12-08 16:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-20 23:40 - 2017-12-08 16:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000698760 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000547208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000534216 _____ C:\WINDOWS\system32\amdmiracast.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000470920 _____ C:\WINDOWS\system32\dgtrayicon.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000461192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000449416 _____ C:\WINDOWS\system32\GameManager64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000405384 _____ C:\WINDOWS\system32\atieah64.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000357256 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000342920 _____ C:\WINDOWS\system32\clinfo.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000325512 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000267656 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000233352 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000223112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000194440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000175288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000170888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000159624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000153640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000149896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000148496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000141704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000140232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000136584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000115592 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000107912 _____ C:\WINDOWS\system32\atidxx64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000104840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092552 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000036232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000033160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000020360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000020360 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 002915208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001454984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001232264 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001052040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001052040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000866184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000694664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000436616 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000352136 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000148360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000124296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000120680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000105736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000089992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 013527944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 011090824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 002533256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2018-12-20 23:40 - 2017-10-27 08:59 - 000835440 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2018-12-20 23:40 - 2017-10-27 08:59 - 000835440 _____ C:\WINDOWS\system32\atiapfxx.blb
2018-12-20 23:40 - 2017-10-27 08:56 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2018-12-20 23:40 - 2017-10-27 08:50 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2018-12-20 23:40 - 2017-10-07 03:21 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2018-12-20 23:40 - 2017-09-16 00:37 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2018-12-20 23:40 - 2017-09-16 00:37 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2018-12-20 23:40 - 2017-08-28 05:38 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2018-12-20 23:40 - 2016-09-03 07:30 - 000114704 _____ C:\WINDOWS\system32\kapp_si.sbin
2018-12-20 23:40 - 2016-09-03 00:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2018-12-20 13:39 - 2018-12-14 00:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 13:39 - 2018-12-14 00:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 13:38 - 2018-12-14 01:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 13:38 - 2018-12-14 01:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 13:38 - 2018-12-14 01:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 13:38 - 2018-12-14 01:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 13:38 - 2018-12-14 01:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 13:38 - 2018-12-14 01:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 13:38 - 2018-12-14 01:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 13:38 - 2018-12-14 01:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 13:38 - 2018-12-14 01:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 13:38 - 2018-12-14 00:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 13:38 - 2018-12-14 00:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 13:38 - 2018-12-14 00:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 13:38 - 2018-12-14 00:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 13:38 - 2018-12-14 00:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 13:38 - 2018-12-14 00:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-19 17:09 - 2015-11-23 15:23 - 000000000 ____D C:\FRST
2019-01-19 17:01 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 16:54 - 2018-12-14 12:43 - 000000000 ____D C:\Users\kebli\Desktop\KBL1
2019-01-19 16:53 - 2018-12-14 12:44 - 000000000 ____D C:\Users\kebli\Desktop\Pics Dec152018
2019-01-19 14:44 - 2018-12-16 18:43 - 000000000 ____D C:\Users\kebli\Desktop\Get Ready For Digital Commerce Academy
2019-01-19 13:46 - 2018-08-04 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-19 13:31 - 2018-12-15 13:22 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-19 11:08 - 2015-11-01 00:26 - 000002217 _____ C:\Users\kebli\Desktop\ScreenHunter 6.0 Free.lnk
2019-01-19 11:07 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-19 11:05 - 2015-10-30 21:54 - 000000000 ___RD C:\Users\kebli\OneDrive
2019-01-19 11:02 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-19 02:27 - 2018-08-04 00:56 - 000000000 ____D C:\Users\kebli
2019-01-19 02:23 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-19 02:22 - 2018-08-04 01:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-19 02:21 - 2018-04-11 15:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-01-19 02:12 - 2018-12-15 13:32 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-01-19 02:12 - 2018-12-15 13:22 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-01-19 02:12 - 2018-12-15 13:22 - 000002678 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-01-19 02:12 - 2018-12-15 13:22 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-01-19 02:12 - 2018-12-14 00:40 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-01-19 02:12 - 2018-12-13 23:51 - 000003008 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2019-01-19 02:12 - 2018-12-10 18:22 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-19 02:12 - 2018-12-10 18:22 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-19 02:12 - 2018-08-04 01:20 - 000003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-01-19 02:12 - 2018-08-04 01:20 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-19 02:12 - 2018-08-04 01:20 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8E32CCF5-6C3B-4761-B98F-5E7BA2CFD104}
2019-01-19 02:12 - 2018-08-04 01:20 - 000003298 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-01-19 02:12 - 2018-08-04 01:20 - 000003262 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-19 02:12 - 2018-08-04 01:20 - 000003166 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-19 02:12 - 2018-08-04 01:20 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-19 02:12 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-01-19 02:12 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-01-19 02:12 - 2018-08-04 01:20 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2019-01-19 02:12 - 2018-08-04 01:20 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-19 02:12 - 2018-08-04 01:20 - 000002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-01-19 02:12 - 2018-08-04 01:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-19 01:54 - 2018-09-10 00:22 - 000000000 ____D C:\Users\kebli\AppData\Local\CrashDumps
2019-01-19 00:08 - 2017-09-29 05:23 - 000000000 ____D C:\Program Files\rempl
2019-01-18 21:30 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-18 18:27 - 2017-08-14 23:53 - 000000000 ____D C:\Users\kebli\AppData\Local\GoToMeeting
2019-01-18 10:34 - 2018-08-02 22:59 - 000000000 ____D C:\Users\kebli\AppData\Local\AVAST Software
2019-01-18 10:32 - 2015-12-05 22:50 - 000000000 ____D C:\Program Files\CCleaner
2019-01-17 16:47 - 2016-01-08 10:57 - 000000000 ____D C:\Users\kebli\AppData\Local\Citrix
2019-01-11 18:01 - 2015-09-18 05:26 - 000000000 ____D C:\ProgramData\PCDr
2019-01-10 18:03 - 2015-09-18 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-01-10 17:58 - 2017-07-23 12:26 - 000000000 ____D C:\ProgramData\SupportAssist
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-10 14:27 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-08 23:24 - 2018-08-04 01:09 - 000775884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 13:21 - 2015-10-31 00:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 13:18 - 2015-10-31 00:04 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-06 11:53 - 2017-09-15 03:08 - 000000185 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-01-03 11:55 - 2018-12-17 14:02 - 000000000 ____D C:\Users\kebli\AppData\Local\PlaceholderTileLogoFolder
2019-01-03 11:55 - 2018-01-16 06:02 - 000000000 ____D C:\Users\kebli\AppData\Local\Packages
2019-01-03 11:50 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-28 19:21 - 2018-12-09 14:18 - 000017262 _____ C:\VEW.txt
2018-12-25 11:16 - 2018-08-04 01:26 - 000000000 ____D C:\ProgramData\Packages
2018-12-23 12:05 - 2016-03-26 13:00 - 000000000 ____D C:\ProgramData\Intel
2018-12-23 12:05 - 2015-09-18 05:11 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-23 12:04 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files (x86)\Intel
2018-12-23 12:01 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files\Intel
2018-12-21 00:12 - 2018-07-25 09:32 - 000000000 ____D C:\ProgramData\RivetNetworks
2018-12-21 00:11 - 2016-10-08 01:16 - 000000000 ____D C:\Users\kebli\AppData\Local\AMD
2018-12-20 23:42 - 2017-10-08 09:39 - 000000000 ____D C:\Program Files\AMD
2018-12-20 23:40 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== Files in the root of some directories =======
2015-11-02 19:34 - 2015-11-02 19:34 - 000007679 _____ () C:\Users\kebli\AppData\Local\Resmon.ResmonCfg
2018-04-29 00:09 - 2018-04-29 00:09 - 000000000 _____ () C:\Users\kebli\AppData\Local\{062078D9-1EAA-4A27-95D5-40AB4E70E42C}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-04 00:49
==================== End of FRST.txt ============================
and, Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by KBen (19-01-2019 17:09:57)
Running from C:\Users\kebli\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-08-04 07:22:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4169369895-2292233020-3573544003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4169369895-2292233020-3573544003-503 - Limited - Disabled)
Guest (S-1-5-21-4169369895-2292233020-3573544003-501 - Limited - Disabled)
KBen (S-1-5-21-4169369895-2292233020-3573544003-1001 - Administrator - Enabled) => C:\Users\kebli
KBenEbberly (S-1-5-21-4169369895-2292233020-3573544003-1006 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-4169369895-2292233020-3573544003-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{B1714996-891A-43D2-8B83-CCFB2EC53978}) (Version: 2.3.3800.0 - Dell Inc.)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E98E94E2-12D1-48E5-AC69-2C312F466136}) (Version: 3.1.0.142 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{2B2C47D2-F037-4C03-B599-07D7AFE8DD54}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8ce1a5ae-856e-4b8e-a0e8-27dd7a209276}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 8.39.1.11584 (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\GoToMeeting) (Version: 8.39.1.11584 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00001090-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.90.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 61.0.1 (x86 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (HKLM-x32\...\{3475c0cd-7dee-4863-ac1d-57cb530ee125}) (Version: 5.5.315.0 - Tracker Software Products (Canada) Ltd.)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
PX Profile Update (HKLM-x32\...\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{6551EEEC-4938-70FF-77EB-E83D1E3E88C8}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{95145542-659F-1C89-B424-518BBC7F7556}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Rivet Networks)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
System Requirements Lab Detection (HKLM-x32\...\{4610FE53-898B-43AE-9F05-6262FB165BFF}) (Version: 6.1.6.0 - Husdawg, LLC)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.4.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\kebli\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll (LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {000B1C89-7735-4CCD-BA1D-66EE33C841DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {0176B90D-7670-48E5-B03F-EC2404C53E1B} - System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe [2019-01-18] (LogMeIn, Inc.)
Task: {0C21F844-69B2-4064-8B4B-43EA2771B535} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {11282B8B-827F-4481-A5B8-FDF4867986FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-19] (AVAST Software)
Task: {14F0A37B-4697-4FF4-B1E8-E3BF48519126} - System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe [2019-01-18] (LogMeIn, Inc.)
Task: {2065C0F3-4FCD-4147-A701-6299B5FFC583} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {379FF41C-724E-484C-80B0-816552DC45FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {4ECE522E-991C-49D0-9E76-639BEECFD3C7} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-12-04] (DELL)
Task: {5678C54C-D7BC-4E53-B7A2-5DC1166756BA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {5EB2329D-A9AC-47A9-8B12-FBB089041235} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel® Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {76B4F24D-6656-4359-A527-2C9892E29A14} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {7A763B7B-62F0-4236-A117-323B69026058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {7AB9AF15-DDD2-42A5-9081-81F209F0F841} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-05] (Realtek Semiconductor)
Task: {81D84FBA-E575-497A-924B-6C521478A2AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {875F5410-5C87-45CE-83DB-1F20D4F543D4} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {8AA65B27-46A5-4A8D-A718-4996ADE6236A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {9D89E7D5-A194-4FE5-BDBA-2440FB4CDCC8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-28] (CyberLink Corp.)
Task: {A3ABC667-4B93-439F-A425-87FF506C71D9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {AD4CA133-62F5-4630-9BF6-8FBB3959B959} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {C0A1125D-9966-4758-B2B4-6DB986483CBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {C0CB6929-A415-4B65-995E-3179DC9B4FA6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-05-07] (CyberLink)
Task: {D2E46815-ABBB-4697-942A-FC76C45738CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D3526ADC-380F-4689-B5D5-D0859365B6A7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {E760FA32-9B3C-4385-BAF0-214A19FAE5CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-26] (Advanced Micro Devices, Inc.)
Task: {E8EEDC6C-1A80-47FD-9B50-13AFF1F00A77} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {ECC12274-BB53-4C38-8716-9D7A8EF92C4C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-12-12] (Dell Inc.)
Task: {F0CCBE85-BC49-464D-9B39-A5C377E658B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {F242CC28-38C9-4C66-8228-F41F028F7BE1} - System32\Tasks\S-1-5-21-4169369895-2292233020-3573544003-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-09-18 05:10 - 2014-04-14 19:59 - 000253776 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-11-07 21:24 - 2018-11-07 21:24 - 000192232 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2019-01-10 18:03 - 2019-01-10 18:03 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\libprotobuf.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 22:31 - 2018-11-08 20:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-14 15:14 - 2018-12-14 15:15 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-15 17:47 - 2018-10-15 17:48 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-10 17:52 - 2018-12-10 17:55 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-10 17:52 - 2018-12-10 17:53 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-01-15 21:29 - 2018-01-15 21:30 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:19 - 2018-11-28 23:19 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 17:52 - 2018-12-10 17:52 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-10 17:52 - 2018-12-10 17:53 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-02 04:28 - 2019-01-02 04:28 - 000059376 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-05 04:33 - 2017-06-05 04:33 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 04:33 - 2017-06-05 04:33 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-16 14:01 - 2019-01-16 14:01 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-08 23:47 - 2017-10-08 23:49 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-14 16:12 - 2018-11-14 16:12 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-14 16:12 - 2018-11-14 16:13 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-23 15:52 - 2018-08-23 15:54 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-23 15:52 - 2018-08-23 15:54 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-03 14:08 - 2018-04-03 14:10 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-14 16:12 - 2018-11-14 16:12 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:54 - 2018-08-30 18:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-02 13:20 - 2018-08-02 13:49 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2017-09-19 09:35 - 2017-09-19 09:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-06-23 17:26 - 2015-06-23 17:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-09-18 05:08 - 2014-12-08 01:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
2018-06-25 15:29 - 2014-09-05 10:55 - 000132808 _____ () C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 05:04 - 2019-01-09 03:33 - 000000857 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-01-20 01:21 - 2018-01-20 01:21 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\VersionIndependent\images\22926.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6B1A5332-A410-46F7-994D-677207100D5B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [{029F1ADF-BFDA-47A4-BA8E-21F09A6DAFD9}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp.)
FirewallRules: [{9B12F191-6A81-41BC-9176-D8CC1BEA4F9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{6426F3C1-7131-4E45-ACFC-80BF99EAA8DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF84E282-8762-4C8D-B191-84F400F41F26}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{E1A2E030-4900-4582-B74A-174569767F7B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{56D6CA72-9927-483F-AD5F-68DB351FBCC0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EF00A139-9566-40BB-B9BF-736A07DB8793}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{85640DB6-3E54-4F34-AD52-AD5E98774088}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{81084066-B1DA-4B70-8464-BDF11E08C27B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
FirewallRules: [{91BEEA0E-5551-4655-951A-955EF242E5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BB8A871C-2BE8-42C4-8887-096CBCE5890F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{9F08464B-CAC7-4891-B3A4-2A7C01A5BE34}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{55784381-C8D3-4836-AB26-AB1BA0C5ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
==================== Restore Points =========================
08-01-2019 13:16:43 Windows Update
08-01-2019 13:17:37 Windows Update
16-01-2019 20:09:33 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2019 11:06:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/19/2019 01:54:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3b44
Faulting application start time: 0x01d4afc9fdf07da7
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 1c662292-ff51-4f62-a327-bece8c13bbe4
Faulting package full name:
Faulting package-relative application ID:
Error: (01/19/2019 12:54:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x4fe8
Faulting application start time: 0x01d4afb2f3171166
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 8a030b1b-37af-45b2-8341-bdb9397662fe
Faulting package full name:
Faulting package-relative application ID:
Error: (01/18/2019 11:56:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3264
Faulting application start time: 0x01d4af52c6b8c5ed
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 964f5ecb-7bb4-41ce-8727-1a7b6f68c93f
Faulting package full name:
Faulting package-relative application ID:
Error: (01/18/2019 02:50:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x2de4
Faulting application start time: 0x01d4af0416ab419d
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 451cb0dd-1acd-4f2f-a249-68911da17317
Faulting package full name:
Faulting package-relative application ID:
Error: (01/18/2019 02:09:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/18/2019 01:57:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3894
Faulting application start time: 0x01d4aefcd3a9d7cd
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: a98ebb24-f42f-45f9-b189-3889946f3cf1
Faulting package full name:
Faulting package-relative application ID:
Error: (01/18/2019 01:08:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x143c
Faulting application start time: 0x01d4aefa08d34c16
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 6ba33a9f-3ec5-466e-ad97-889b003c0641
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (01/19/2019 04:06:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 03:06:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 02:31:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O8A2EKO)
Description: The server Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe!ContentProcess#{00031402-0001-0000-2701-9C0200000000} did not register with DCOM within the required timeout.
Error: (01/19/2019 01:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 01:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 01:30:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 12:03:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/19/2019 11:05:44 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: Intel® Core i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 16275.82 MB
Available physical RAM: 10821.71 MB
Total Virtual: 18707.82 MB
Available Virtual: 12336.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1848.78 GB) (Free:1716.57 GB) NTFS
\\?\Volume{917e8194-70b2-42bd-bd7c-b170ba134d78}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{79049588-dba9-4c83-be42-a01776ed46db}\ (Image) (Fixed) (Total:12.78 GB) (Free:0.92 GB) NTFS
\\?\Volume{67692ed4-4711-4932-9712-3240e2999db2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 61408B0D)
Partition: GPT.
==================== End of Addition.txt ============================