
My laptop is slow starting. Please help me.



#61
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Cooler is good. 

 

Do you really need the Avast Browser?  It seems to be the thing using 32 bit the most.

 

Can I see a new FRST scan with Addition.txt checked?




#62
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I don't need the Avast Browser. However, I can't find it.

Windows Defender Smart Screen won't let me open FRST.



#63
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

In Windows 10 Creators Update and above, go to Windows Defender Security Center, click App & Browser control, and select Off for Check Apps and Files.  That should let you run FRST.



#64
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

It DID let me run FRST.

 

Here are the latest scans:

FRST:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by KBen (administrator) on DESKTOP-O8A2EKO (19-01-2019 17:09:08)
Running from C:\Users\kebli\Desktop
Loaded Profiles: KBen (Available Profiles: KBen)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-23] (AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2018-12-12] (Intel)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-23] (AVAST Software)
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-17] (Google Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{cbdb64e4-631a-4bcb-bfd3-3b89faa0d84a}: [DhcpNameServer] 192.168.43.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
 
FireFox:
========
FF DefaultProfile: bs6lengf.default
FF ProfilePath: C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default [2019-01-19]
FF Homepage: Mozilla\Firefox\Profiles\bs6lengf.default -> |hxxps://www.yahoo.com/
FF Extension: (Avast SafePrice) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\[email protected] [2018-04-14]
FF Extension: (Avast Online Security) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\[email protected] [2018-08-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4169369895-2292233020-3573544003-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kebli\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default [2019-01-19]
CHR Extension: (Slides) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Sheets) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Supernova) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgpjbmbggplclldecdbpcmopmlbll [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Avast Online Security) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-03]
CHR Extension: (Yahoo Partner) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm [2018-06-07]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2019-01-19]
CHR Extension: (Instapaper) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2018-12-10]
CHR Extension: (WeatherBug) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-12-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-06]
CHR HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe [472456 2017-10-27] (AMD)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-23] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-11-23] (AVAST Software)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173784 2015-10-20] (Microsoft Corp.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-10] (PC-Doctor, Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542008 2018-10-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-10-26] ()
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-05] (Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [192232 2018-11-07] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-11-07] ()
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-10-26] (Intel® Corporation)
R3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmdag.sys [40033672 2017-10-27] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmpag.sys [536456 2017-10-27] (Advanced Micro Devices, Inc.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-19] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220688 2019-01-19] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166472 2019-01-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-19] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [143496 2018-10-13] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3586696 2018-09-26] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-19 17:09 - 2019-01-19 17:09 - 000024982 _____ C:\Users\kebli\Desktop\FRST.txt
2019-01-19 17:08 - 2019-01-19 17:08 - 002427904 _____ (Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
2019-01-19 17:08 - 2019-01-19 17:08 - 000000000 ____D C:\Users\kebli\Desktop\FRST-OlderVersion
2019-01-19 14:48 - 2019-01-19 14:54 - 000000730 _____ C:\Users\kebli\Desktop\423Lesson 8 Nurture Your Leads.txt
2019-01-19 14:48 - 2019-01-19 14:48 - 000000000 ____D C:\Users\kebli\Desktop\423Lesson 8 Nurture Your Leads
2019-01-19 11:08 - 2019-01-19 11:08 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-19 11:07 - 2019-01-19 11:07 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000166472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-19 11:07 - 2019-01-19 11:07 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-19 11:07 - 2019-01-19 11:06 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000220688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-19 11:07 - 2019-01-19 11:06 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-19 02:26 - 2019-01-19 02:26 - 000000000 ___HD C:\OneDriveTemp
2019-01-18 12:41 - 2019-01-19 02:22 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-18 12:41 - 2019-01-19 02:22 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-18 11:34 - 2019-01-18 11:34 - 000163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5a8df0cfd9b2b8e.tmp
2019-01-17 16:47 - 2019-01-17 16:47 - 000000000 ____D C:\Users\kebli\AppData\Local\GoTo Opener
2019-01-17 11:43 - 2019-01-19 02:12 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-16 01:46 - 2019-01-19 02:12 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-16 01:46 - 2019-01-16 01:46 - 000002369 _____ C:\Users\kebli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-10 17:58 - 2019-01-10 17:58 - 000000000 ____D C:\Users\kebli\AppData\Local\Dell Inc
2019-01-10 14:19 - 2019-01-01 07:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-10 14:19 - 2019-01-01 07:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-10 14:19 - 2019-01-01 01:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-10 14:19 - 2019-01-01 01:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-10 14:19 - 2019-01-01 01:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-10 14:19 - 2019-01-01 00:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-10 14:19 - 2019-01-01 00:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-10 14:19 - 2019-01-01 00:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-10 14:19 - 2019-01-01 00:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-10 14:19 - 2019-01-01 00:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-10 14:19 - 2019-01-01 00:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-10 14:18 - 2019-01-01 07:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-10 14:18 - 2019-01-01 07:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 07:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-10 14:18 - 2019-01-01 07:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 01:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-10 14:18 - 2019-01-01 01:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-10 14:18 - 2019-01-01 01:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-10 14:18 - 2019-01-01 01:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-10 14:18 - 2019-01-01 00:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-10 14:18 - 2019-01-01 00:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-10 14:18 - 2019-01-01 00:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-10 14:18 - 2019-01-01 00:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-10 14:18 - 2019-01-01 00:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 00:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-10 14:18 - 2019-01-01 00:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-10 14:18 - 2018-12-31 23:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-10 14:18 - 2018-12-18 22:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 00:04 - 2018-09-19 22:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 23:21 - 2019-01-19 02:22 - 000286168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-08 23:12 - 2019-01-08 23:12 - 000000000 ____D C:\Users\kebli\AppData\LocalLow\Temp
2019-01-08 13:17 - 2019-01-02 13:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-08 13:17 - 2019-01-02 13:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-05 23:02 - 2019-01-05 23:02 - 000000000 ____D C:\Users\kebli\Downloads\SupportAssistAgent
2018-12-28 19:22 - 2018-12-28 19:22 - 000017262 _____ C:\VEW_Dec28_Application.txt
2018-12-28 19:20 - 2018-12-28 19:20 - 000015163 _____ C:\VEW_Dec28.txt
2018-12-28 19:17 - 2018-12-28 19:17 - 000061440 _____ ( ) C:\Users\kebli\Desktop\VEW (1).exe
2018-12-23 12:04 - 2018-12-23 12:04 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-12-23 11:49 - 2018-12-23 11:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-12-23 11:46 - 2018-12-23 11:46 - 000000000 ____D C:\Users\kebli\Intel
2018-12-23 11:37 - 2018-12-23 11:37 - 000000000 ____D C:\Users\kebli\Downloads\Intel Driver and Support Assistant
2018-12-21 00:12 - 2019-01-19 02:12 - 000002258 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2018-12-21 00:12 - 2018-12-21 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2018-12-21 00:12 - 2018-12-21 00:12 - 000000000 ____D C:\Program Files\Rivet Networks
2018-12-20 23:43 - 2019-01-19 02:12 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-12-20 23:43 - 2018-12-20 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-12-20 23:43 - 2018-12-20 23:43 - 000000000 ____D C:\Program Files (x86)\AMD
2018-12-20 23:42 - 2018-12-20 23:42 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-12-20 23:40 - 2017-12-08 16:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-20 23:40 - 2017-12-08 16:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-20 23:40 - 2017-12-08 16:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-20 23:40 - 2017-12-08 16:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000698760 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000547208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000534216 _____ C:\WINDOWS\system32\amdmiracast.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000470920 _____ C:\WINDOWS\system32\dgtrayicon.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000461192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000449416 _____ C:\WINDOWS\system32\GameManager64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000405384 _____ C:\WINDOWS\system32\atieah64.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000357256 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000342920 _____ C:\WINDOWS\system32\clinfo.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000325512 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2018-12-20 23:40 - 2017-10-27 09:43 - 000267656 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000233352 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000223112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000194440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000175288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000170888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000159624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000153640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000149896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000148496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000141704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000140232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000136584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000115592 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000107912 _____ C:\WINDOWS\system32\atidxx64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000104840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092552 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000036232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000033160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000020360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2018-12-20 23:40 - 2017-10-27 09:43 - 000020360 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 002915208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001454984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001232264 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001052040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 001052040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000866184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000694664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000436616 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000352136 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000148360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000124296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000120680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000105736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2018-12-20 23:40 - 2017-10-27 09:42 - 000089992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 013527944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 011090824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 002533256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2018-12-20 23:40 - 2017-10-27 09:41 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2018-12-20 23:40 - 2017-10-27 08:59 - 000835440 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2018-12-20 23:40 - 2017-10-27 08:59 - 000835440 _____ C:\WINDOWS\system32\atiapfxx.blb
2018-12-20 23:40 - 2017-10-27 08:56 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2018-12-20 23:40 - 2017-10-27 08:50 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2018-12-20 23:40 - 2017-10-07 03:21 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2018-12-20 23:40 - 2017-09-16 00:37 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2018-12-20 23:40 - 2017-09-16 00:37 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2018-12-20 23:40 - 2017-08-28 05:38 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2018-12-20 23:40 - 2016-09-03 07:30 - 000114704 _____ C:\WINDOWS\system32\kapp_si.sbin
2018-12-20 23:40 - 2016-09-03 00:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2018-12-20 13:39 - 2018-12-14 00:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 13:39 - 2018-12-14 00:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 13:38 - 2018-12-14 01:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 13:38 - 2018-12-14 01:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 13:38 - 2018-12-14 01:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 13:38 - 2018-12-14 01:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 13:38 - 2018-12-14 01:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 13:38 - 2018-12-14 01:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 13:38 - 2018-12-14 01:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 13:38 - 2018-12-14 01:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 13:38 - 2018-12-14 01:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 13:38 - 2018-12-14 00:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 13:38 - 2018-12-14 00:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 13:38 - 2018-12-14 00:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 13:38 - 2018-12-14 00:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 13:38 - 2018-12-14 00:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 13:38 - 2018-12-14 00:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-19 17:09 - 2015-11-23 15:23 - 000000000 ____D C:\FRST
2019-01-19 17:01 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 16:54 - 2018-12-14 12:43 - 000000000 ____D C:\Users\kebli\Desktop\KBL1
2019-01-19 16:53 - 2018-12-14 12:44 - 000000000 ____D C:\Users\kebli\Desktop\Pics Dec152018
2019-01-19 14:44 - 2018-12-16 18:43 - 000000000 ____D C:\Users\kebli\Desktop\Get Ready For Digital Commerce Academy
2019-01-19 13:46 - 2018-08-04 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-19 13:31 - 2018-12-15 13:22 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-19 11:08 - 2015-11-01 00:26 - 000002217 _____ C:\Users\kebli\Desktop\ScreenHunter 6.0 Free.lnk
2019-01-19 11:07 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-19 11:05 - 2015-10-30 21:54 - 000000000 ___RD C:\Users\kebli\OneDrive
2019-01-19 11:02 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-19 02:27 - 2018-08-04 00:56 - 000000000 ____D C:\Users\kebli
2019-01-19 02:23 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-19 02:22 - 2018-08-04 01:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-19 02:21 - 2018-04-11 15:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-01-19 02:12 - 2018-12-15 13:32 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-01-19 02:12 - 2018-12-15 13:22 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-01-19 02:12 - 2018-12-15 13:22 - 000002678 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-01-19 02:12 - 2018-12-15 13:22 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-01-19 02:12 - 2018-12-14 00:40 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-01-19 02:12 - 2018-12-13 23:51 - 000003008 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2019-01-19 02:12 - 2018-12-10 18:22 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-19 02:12 - 2018-12-10 18:22 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-19 02:12 - 2018-08-04 01:20 - 000003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-01-19 02:12 - 2018-08-04 01:20 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-19 02:12 - 2018-08-04 01:20 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8E32CCF5-6C3B-4761-B98F-5E7BA2CFD104}
2019-01-19 02:12 - 2018-08-04 01:20 - 000003298 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-01-19 02:12 - 2018-08-04 01:20 - 000003262 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-19 02:12 - 2018-08-04 01:20 - 000003166 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-19 02:12 - 2018-08-04 01:20 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-19 02:12 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-01-19 02:12 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-01-19 02:12 - 2018-08-04 01:20 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2019-01-19 02:12 - 2018-08-04 01:20 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-19 02:12 - 2018-08-04 01:20 - 000002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-01-19 02:12 - 2018-08-04 01:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-19 01:54 - 2018-09-10 00:22 - 000000000 ____D C:\Users\kebli\AppData\Local\CrashDumps
2019-01-19 00:08 - 2017-09-29 05:23 - 000000000 ____D C:\Program Files\rempl
2019-01-18 21:30 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-18 18:27 - 2017-08-14 23:53 - 000000000 ____D C:\Users\kebli\AppData\Local\GoToMeeting
2019-01-18 10:34 - 2018-08-02 22:59 - 000000000 ____D C:\Users\kebli\AppData\Local\AVAST Software
2019-01-18 10:32 - 2015-12-05 22:50 - 000000000 ____D C:\Program Files\CCleaner
2019-01-17 16:47 - 2016-01-08 10:57 - 000000000 ____D C:\Users\kebli\AppData\Local\Citrix
2019-01-11 18:01 - 2015-09-18 05:26 - 000000000 ____D C:\ProgramData\PCDr
2019-01-10 18:03 - 2015-09-18 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-01-10 17:58 - 2017-07-23 12:26 - 000000000 ____D C:\ProgramData\SupportAssist
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-10 14:27 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-08 23:24 - 2018-08-04 01:09 - 000775884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 13:21 - 2015-10-31 00:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 13:18 - 2015-10-31 00:04 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-06 11:53 - 2017-09-15 03:08 - 000000185 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-01-03 11:55 - 2018-12-17 14:02 - 000000000 ____D C:\Users\kebli\AppData\Local\PlaceholderTileLogoFolder
2019-01-03 11:55 - 2018-01-16 06:02 - 000000000 ____D C:\Users\kebli\AppData\Local\Packages
2019-01-03 11:50 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-28 19:21 - 2018-12-09 14:18 - 000017262 _____ C:\VEW.txt
2018-12-25 11:16 - 2018-08-04 01:26 - 000000000 ____D C:\ProgramData\Packages
2018-12-23 12:05 - 2016-03-26 13:00 - 000000000 ____D C:\ProgramData\Intel
2018-12-23 12:05 - 2015-09-18 05:11 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-23 12:04 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files (x86)\Intel
2018-12-23 12:01 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files\Intel
2018-12-21 00:12 - 2018-07-25 09:32 - 000000000 ____D C:\ProgramData\RivetNetworks
2018-12-21 00:11 - 2016-10-08 01:16 - 000000000 ____D C:\Users\kebli\AppData\Local\AMD
2018-12-20 23:42 - 2017-10-08 09:39 - 000000000 ____D C:\Program Files\AMD
2018-12-20 23:40 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files (x86)\VulkanRT
 
==================== Files in the root of some directories =======
 
2015-11-02 19:34 - 2015-11-02 19:34 - 000007679 _____ () C:\Users\kebli\AppData\Local\Resmon.ResmonCfg
2018-04-29 00:09 - 2018-04-29 00:09 - 000000000 _____ () C:\Users\kebli\AppData\Local\{062078D9-1EAA-4A27-95D5-40AB4E70E42C}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-04 00:49
 
==================== End of FRST.txt ============================

and, Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by KBen (19-01-2019 17:09:57)
Running from C:\Users\kebli\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-08-04 07:22:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4169369895-2292233020-3573544003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4169369895-2292233020-3573544003-503 - Limited - Disabled)
Guest (S-1-5-21-4169369895-2292233020-3573544003-501 - Limited - Disabled)
KBen (S-1-5-21-4169369895-2292233020-3573544003-1001 - Administrator - Enabled) => C:\Users\kebli
KBenEbberly (S-1-5-21-4169369895-2292233020-3573544003-1006 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-4169369895-2292233020-3573544003-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{B1714996-891A-43D2-8B83-CCFB2EC53978}) (Version: 2.3.3800.0 - Dell Inc.)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E98E94E2-12D1-48E5-AC69-2C312F466136}) (Version: 3.1.0.142 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{2B2C47D2-F037-4C03-B599-07D7AFE8DD54}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8ce1a5ae-856e-4b8e-a0e8-27dd7a209276}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 8.39.1.11584 (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\GoToMeeting) (Version: 8.39.1.11584 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00001090-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.90.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 61.0.1 (x86 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (HKLM-x32\...\{3475c0cd-7dee-4863-ac1d-57cb530ee125}) (Version: 5.5.315.0 - Tracker Software Products (Canada) Ltd.)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
PX Profile Update (HKLM-x32\...\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{6551EEEC-4938-70FF-77EB-E83D1E3E88C8}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{95145542-659F-1C89-B424-518BBC7F7556}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Rivet Networks)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
System Requirements Lab Detection (HKLM-x32\...\{4610FE53-898B-43AE-9F05-6262FB165BFF}) (Version: 6.1.6.0 - Husdawg, LLC)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.4.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version:  - Wisdom Software Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\kebli\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll (LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-23] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000B1C89-7735-4CCD-BA1D-66EE33C841DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {0176B90D-7670-48E5-B03F-EC2404C53E1B} - System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe [2019-01-18] (LogMeIn, Inc.)
Task: {0C21F844-69B2-4064-8B4B-43EA2771B535} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {11282B8B-827F-4481-A5B8-FDF4867986FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-19] (AVAST Software)
Task: {14F0A37B-4697-4FF4-B1E8-E3BF48519126} - System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe [2019-01-18] (LogMeIn, Inc.)
Task: {2065C0F3-4FCD-4147-A701-6299B5FFC583} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {379FF41C-724E-484C-80B0-816552DC45FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {4ECE522E-991C-49D0-9E76-639BEECFD3C7} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-12-04] (DELL)
Task: {5678C54C-D7BC-4E53-B7A2-5DC1166756BA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {5EB2329D-A9AC-47A9-8B12-FBB089041235} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel® Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {76B4F24D-6656-4359-A527-2C9892E29A14} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {7A763B7B-62F0-4236-A117-323B69026058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {7AB9AF15-DDD2-42A5-9081-81F209F0F841} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-05] (Realtek Semiconductor)
Task: {81D84FBA-E575-497A-924B-6C521478A2AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {875F5410-5C87-45CE-83DB-1F20D4F543D4} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {8AA65B27-46A5-4A8D-A718-4996ADE6236A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {9D89E7D5-A194-4FE5-BDBA-2440FB4CDCC8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-28] (CyberLink Corp.)
Task: {A3ABC667-4B93-439F-A425-87FF506C71D9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {AD4CA133-62F5-4630-9BF6-8FBB3959B959} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {C0A1125D-9966-4758-B2B4-6DB986483CBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {C0CB6929-A415-4B65-995E-3179DC9B4FA6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-05-07] (CyberLink)
Task: {D2E46815-ABBB-4697-942A-FC76C45738CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D3526ADC-380F-4689-B5D5-D0859365B6A7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {E760FA32-9B3C-4385-BAF0-214A19FAE5CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-26] (Advanced Micro Devices, Inc.)
Task: {E8EEDC6C-1A80-47FD-9B50-13AFF1F00A77} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {ECC12274-BB53-4C38-8716-9D7A8EF92C4C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-12-12] (Dell Inc.)
Task: {F0CCBE85-BC49-464D-9B39-A5C377E658B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {F242CC28-38C9-4C66-8228-F41F028F7BE1} - System32\Tasks\S-1-5-21-4169369895-2292233020-3573544003-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-18 05:10 - 2014-04-14 19:59 - 000253776 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-11-07 21:24 - 2018-11-07 21:24 - 000192232 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2019-01-10 18:03 - 2019-01-10 18:03 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\libprotobuf.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 22:31 - 2018-11-08 20:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-14 15:14 - 2018-12-14 15:15 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-15 17:47 - 2018-10-15 17:48 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-10 17:52 - 2018-12-10 17:55 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-10 17:52 - 2018-12-10 17:53 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-01-15 21:29 - 2018-01-15 21:30 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:19 - 2018-11-28 23:19 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 17:52 - 2018-12-10 17:52 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-10 17:52 - 2018-12-10 17:53 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-02 04:28 - 2019-01-02 04:28 - 000059376 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-05 04:33 - 2017-06-05 04:33 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 04:33 - 2017-06-05 04:33 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-16 14:01 - 2019-01-16 14:01 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-08 23:47 - 2017-10-08 23:49 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-14 16:12 - 2018-11-14 16:12 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-14 16:12 - 2018-11-14 16:13 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-23 15:52 - 2018-08-23 15:54 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-23 15:52 - 2018-08-23 15:54 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-03 14:08 - 2018-04-03 14:10 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-14 16:12 - 2018-11-14 16:12 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:54 - 2018-08-30 18:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-02 13:20 - 2018-08-02 13:49 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2017-09-19 09:35 - 2017-09-19 09:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-06-23 17:26 - 2015-06-23 17:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-09-18 05:08 - 2014-12-08 01:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
2018-06-25 15:29 - 2014-09-05 10:55 - 000132808 _____ () C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 05:04 - 2019-01-09 03:33 - 000000857 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
2018-01-20 01:21 - 2018-01-20 01:21 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\VersionIndependent\images\22926.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6B1A5332-A410-46F7-994D-677207100D5B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [{029F1ADF-BFDA-47A4-BA8E-21F09A6DAFD9}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp.)
FirewallRules: [{9B12F191-6A81-41BC-9176-D8CC1BEA4F9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{6426F3C1-7131-4E45-ACFC-80BF99EAA8DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF84E282-8762-4C8D-B191-84F400F41F26}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{E1A2E030-4900-4582-B74A-174569767F7B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{56D6CA72-9927-483F-AD5F-68DB351FBCC0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EF00A139-9566-40BB-B9BF-736A07DB8793}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{85640DB6-3E54-4F34-AD52-AD5E98774088}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{81084066-B1DA-4B70-8464-BDF11E08C27B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
FirewallRules: [{91BEEA0E-5551-4655-951A-955EF242E5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BB8A871C-2BE8-42C4-8887-096CBCE5890F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{9F08464B-CAC7-4891-B3A4-2A7C01A5BE34}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{55784381-C8D3-4836-AB26-AB1BA0C5ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
 
==================== Restore Points =========================
 
08-01-2019 13:16:43 Windows Update
08-01-2019 13:17:37 Windows Update
16-01-2019 20:09:33 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/19/2019 11:06:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/19/2019 01:54:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3b44
Faulting application start time: 0x01d4afc9fdf07da7
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 1c662292-ff51-4f62-a327-bece8c13bbe4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/19/2019 12:54:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x4fe8
Faulting application start time: 0x01d4afb2f3171166
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 8a030b1b-37af-45b2-8341-bdb9397662fe
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2019 11:56:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3264
Faulting application start time: 0x01d4af52c6b8c5ed
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 964f5ecb-7bb4-41ce-8727-1a7b6f68c93f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2019 02:50:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x2de4
Faulting application start time: 0x01d4af0416ab419d
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 451cb0dd-1acd-4f2f-a249-68911da17317
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2019 02:09:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/18/2019 01:57:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x3894
Faulting application start time: 0x01d4aefcd3a9d7cd
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: a98ebb24-f42f-45f9-b189-3889946f3cf1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2019 01:08:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x143c
Faulting application start time: 0x01d4aefa08d34c16
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 6ba33a9f-3ec5-466e-ad97-889b003c0641
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (01/19/2019 04:06:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 03:06:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 02:31:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O8A2EKO)
Description: The server Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe!ContentProcess#{00031402-0001-0000-2701-9C0200000000} did not register with DCOM within the required timeout.
 
Error: (01/19/2019 01:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 01:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 01:30:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 12:03:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/19/2019 11:05:44 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 16275.82 MB
Available physical RAM: 10821.71 MB
Total Virtual: 18707.82 MB
Available Virtual: 12336.77 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1848.78 GB) (Free:1716.57 GB) NTFS
 
\\?\Volume{917e8194-70b2-42bd-bd7c-b170ba134d78}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{79049588-dba9-4c83-be42-a01776ed46db}\ (Image) (Fixed) (Total:12.78 GB) (Free:0.92 GB) NTFS
\\?\Volume{67692ed4-4711-4932-9712-3240e2999db2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 61408B0D)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
 
 
 
 
 

  • 0

#65
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

FRST says your Path is wrong.  Control Panel, System, Advanced System Settings, Environment.  In the bottom pane, scroll down until you see Path.  Click on it then Edit.  The first four entries should be the same as in the following picture.

 

It appears that you have two Intel entries that come before the 4 core entries.  If that is really the case then click on the first one then Move Down until it is either at the bottom or at least below the 4 core entries.  Repeat for the second Intel entry.  Then OK.

 

FRST no longer shows the Avast browser as an installed program but there is a browser update entry.  It's a service (search for services.msc and hit Enter) called Avast.  It appears to be called %1!s! Update Service (avast).  Right click and select Properties, then change the Startup Type to Disabled.  OK

 

Repeat for:

 

%1!s! Update Service (avastm)

 

Close the services window.

 

Now search for

task scheduler

hit Enter.

 

Click on Task Scheduler Library.  In the next pane see if you can find:

Task: {D3526ADC-380F-4689-B5D5-D0859365B6A7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)

 

It may call itself {D3526ADC-380F-4689-B5D5-D0859365B6A7} or AvastUpdateTaskMachineCore.  Right click on the entry and Disable.  OK

 

 

 

We are still getting the WpnUserService errors.  If you go into services.msc again and scroll down you will find two Windows Push Notifications services.  The first one should be set to Automatic and should be running.  The second one (Users Service with a number after it) - try right click and select Properties then change the Startup Type to Disabled.  OK.  That's the way mine is set up and I don't see any errors.


  • 0
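The remark above that the WpnUserService errors are still appearing comes from reading the "Event log errors" section of Addition.txt. As an added example (not part of the thread and not FRST's own code), this Python groups those "Error:" records by a signature so recurring faults stand out; the sample text is abridged from the log posted earlier in the thread, and the function names and grouping rule are assumptions of this example.

```python
import re
from datetime import datetime

# Header line of one record in the "Event log errors" section of Addition.txt.
HEADER = re.compile(
    r"^Error: \((?P<ts>[^)]+)\) \(Source: (?P<source>[^)]*)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: (?P<user>[^)]*)\)$"
)
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Abridged from the Addition.txt log posted in this thread (descriptions shortened).
SAMPLE = r"""Application errors:
==================
Error: (01/19/2019 11:06:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\WINDOWS\system32\mscoree.dll" failed.

Error: (01/19/2019 01:54:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005

Error: (01/19/2019 12:54:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005

Error: (01/18/2019 11:56:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005

System errors:
=============
Error: (01/19/2019 04:06:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC)

Error: (01/19/2019 03:06:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-O8A2EKO\KBen from address LocalHost (Using LRPC)

Error: (01/19/2019 02:31:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O8A2EKO)
Description: The server Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe!ContentProcess#{00031402-0001-0000-2701-9C0200000000} did not register with DCOM within the required timeout.

Error: (01/19/2019 01:31:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC)
"""


def parse_errors(text):
    """Split the section into records; a blank line ends the current record."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()          # also strips the non-breaking spaces forums add
        match = HEADER.match(line)
        if match:
            current = {
                "time": datetime.strptime(match["ts"], "%m/%d/%Y %I:%M:%S %p"),
                "source": match["source"],
                "event_id": int(match["event_id"]),
                "body": [],
            }
            records.append(current)
        elif not line:
            current = None          # section titles after a blank line are ignored
        elif current is not None:
            current["body"].append(line)
    return records


def signature(rec):
    """Reduce a record to the fields that identify 'the same problem again'."""
    body = " ".join(rec["body"])
    if rec["source"] == "Application Error" and rec["event_id"] == 1000:
        app = re.search(r"Faulting application name: ([^,]+)", body)
        mod = re.search(r"Faulting module name: ([^,]+)", body)
        exc = re.search(r"Exception code: (0x[0-9A-Fa-f]+)", body)
        if app and mod and exc:
            return f"crash {app[1]} in {mod[1]} ({exc[1]})"
    if rec["source"] == "DCOM" and rec["event_id"] == 10016:
        guids = GUID.findall(body)
        if len(guids) >= 2:
            return f"DCOM 10016 CLSID {guids[0]} APPID {guids[1]}"
    return f"{rec['source']} {rec['event_id']}"


def summarize(text):
    """Return (signature, stats) pairs, most frequent first."""
    groups = {}
    for rec in parse_errors(text):
        stats = groups.setdefault(
            signature(rec), {"count": 0, "first": rec["time"], "last": rec["time"]})
        stats["count"] += 1
        stats["first"] = min(stats["first"], rec["time"])
        stats["last"] = max(stats["last"], rec["time"])
    return sorted(groups.items(), key=lambda kv: (-kv[1]["count"], kv[0]))


if __name__ == "__main__":
    for sig, stats in summarize(SAMPLE):
        print(f"{stats['count']:>3}x  {stats['first']} .. {stats['last']}  {sig}")
```

Running the same summary on the log taken after the service change and the log clear shows whether a given signature has actually stopped recurring.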

#66
Win10Enthusiast

Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I was able to carry out everything you asked, except for this:

 

Those below, I was not able to find.

 

 

In the next pane see if you can find:

Task: {D3526ADC-380F-4689-B5D5-D0859365B6A7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)

 

It may call itself {D3526ADC-380F-4689-B5D5-D0859365B6A7} or AvastUpdateTaskMachineCore.

 

 

 

 

Would you like another FRST log?


  • 0

#67
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

OK but first clear the old errors:

 

To Clear the logs:
 
Copy the next line:

FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

Then open an elevated command prompt: 

http://www.howtogeek...-in-windows-10/
 

Right click in the Command Window and  Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.
 
When the prompt returns, reboot.

 

Then run a new FRST scan with Addition.txt checked and post both logs.
 


  • 0

#68
Win10Enthusiast

Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Hello RKinner. I hope you are having a nice New Year. Thank you very much for all the work you do for me. It is very much appreciated.

 

Here are the FRST scans.

 

 

FRST:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by KBen (administrator) on DESKTOP-O8A2EKO (30-01-2019 19:38:00)
Running from C:\Users\kebli\Desktop
Loaded Profiles: KBen (Available Profiles: KBen)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-19] (AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2019-01-24] (Intel)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-19] (AVAST Software)
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-17] (Google Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{cbdb64e4-631a-4bcb-bfd3-3b89faa0d84a}: [DhcpNameServer] 209.18.47.63 209.18.47.61
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
 
FireFox:
========
FF DefaultProfile: bs6lengf.default
FF ProfilePath: C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default [2019-01-30]
FF Homepage: Mozilla\Firefox\Profiles\bs6lengf.default -> |hxxps://www.yahoo.com/
FF Extension: (Avast SafePrice) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\[email protected] [2018-04-14]
FF Extension: (Avast Online Security) - C:\Users\kebli\AppData\Roaming\Mozilla\Firefox\Profiles\bs6lengf.default\Extensions\[email protected] [2018-08-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4169369895-2292233020-3573544003-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kebli\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Slides) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Sheets) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Supernova) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgpjbmbggplclldecdbpcmopmlbll [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Avast Online Security) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-03]
CHR Extension: (Yahoo Partner) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm [2018-06-07]
CHR Extension: (Oberlo - Aliexpress.com Product Importer) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmanipjnbjnhoicdnooapcnfonebefel [2019-01-25]
CHR Extension: (Instapaper) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2018-12-10]
CHR Extension: (WeatherBug) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-12-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\kebli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-06]
CHR HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atiesrxx.exe [472456 2017-10-27] (AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-19] (AVAST Software)
S4 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-19] (AVAST Software)
S4 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-08] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-19] (AVAST Software)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173784 2015-10-20] (Microsoft Corp.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-10] (PC-Doctor, Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2019-01-24] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529256 2018-12-07] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-12-05] ()
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-05] (Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] ()
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4102752 2018-12-05] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmdag.sys [40033672 2017-10-27] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320070.inf_amd64_836aef5d167483e2\atikmpag.sys [536456 2017-10-27] (Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-19] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-28] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-28] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-19] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [147128 2018-12-07] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3587232 2018-12-07] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-12-19] ()
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-30 19:38 - 2019-01-30 19:38 - 000025580 _____ C:\Users\kebli\Desktop\FRST.txt
2019-01-30 19:37 - 2019-01-30 19:37 - 002428928 _____ (Farbar) C:\Users\kebli\Desktop\FRST64 (1).exe
2019-01-30 18:27 - 2019-01-30 18:27 - 000000000 ___HD C:\OneDriveTemp
2019-01-29 15:01 - 2019-01-29 15:04 - 000000885 _____ C:\Users\kebli\Documents\Module 8 Lesson 2  Choosing the Perfect Hosting Company.txt
2019-01-29 14:52 - 2019-01-30 01:43 - 000000000 ____D C:\Users\kebli\Desktop\TeachingSells Module 8 How To Build Your Membership Site
2019-01-28 19:07 - 2019-01-28 19:07 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-28 19:07 - 2019-01-28 19:07 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-28 19:06 - 2019-01-29 10:40 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-28 19:05 - 2019-01-19 11:07 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-28 19:05 - 2019-01-19 11:07 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-28 19:05 - 2019-01-19 11:06 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-28 19:03 - 2019-01-19 11:06 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-28 19:02 - 2019-01-30 01:15 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-01-28 18:56 - 2019-01-28 18:56 - 000286168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-28 18:53 - 2019-01-28 18:53 - 000000000 ____D C:\Program Files\Common Files\Intel
2019-01-28 18:47 - 2019-01-28 18:47 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-01-28 18:41 - 2019-01-28 23:34 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-28 18:41 - 2019-01-28 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2019-01-28 18:40 - 2019-01-30 01:15 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-01-28 18:40 - 2019-01-30 01:15 - 000002678 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-01-28 18:40 - 2019-01-30 01:15 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-01-25 00:28 - 2019-01-29 14:50 - 000000000 ____D C:\Users\kebli\Desktop\TeachingSells Dashboard
2019-01-19 17:08 - 2019-01-30 19:37 - 000000000 ____D C:\Users\kebli\Desktop\FRST-OlderVersion
2019-01-18 12:41 - 2019-01-30 18:20 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-18 12:41 - 2019-01-30 18:20 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job
2019-01-17 16:47 - 2019-01-17 16:47 - 000000000 ____D C:\Users\kebli\AppData\Local\GoTo Opener
2019-01-17 11:43 - 2019-01-30 01:15 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-16 01:46 - 2019-01-30 01:15 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-16 01:46 - 2019-01-16 01:46 - 000002369 _____ C:\Users\kebli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-10 17:58 - 2019-01-10 17:58 - 000000000 ____D C:\Users\kebli\AppData\Local\Dell Inc
2019-01-10 14:19 - 2019-01-01 07:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-10 14:19 - 2019-01-01 07:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-10 14:19 - 2019-01-01 01:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-10 14:19 - 2019-01-01 01:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-10 14:19 - 2019-01-01 01:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-10 14:19 - 2019-01-01 01:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-10 14:19 - 2019-01-01 01:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-10 14:19 - 2019-01-01 01:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-10 14:19 - 2019-01-01 01:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-10 14:19 - 2019-01-01 00:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-10 14:19 - 2019-01-01 00:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-10 14:19 - 2019-01-01 00:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-10 14:19 - 2019-01-01 00:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-10 14:19 - 2019-01-01 00:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-10 14:19 - 2019-01-01 00:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-10 14:19 - 2019-01-01 00:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-10 14:19 - 2019-01-01 00:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-10 14:19 - 2019-01-01 00:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-10 14:19 - 2019-01-01 00:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-10 14:19 - 2019-01-01 00:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-10 14:19 - 2019-01-01 00:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-10 14:18 - 2019-01-01 07:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-10 14:18 - 2019-01-01 07:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 07:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-10 14:18 - 2019-01-01 07:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-10 14:18 - 2019-01-01 07:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-10 14:18 - 2019-01-01 07:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-10 14:18 - 2019-01-01 01:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-10 14:18 - 2019-01-01 01:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-10 14:18 - 2019-01-01 01:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-10 14:18 - 2019-01-01 01:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-10 14:18 - 2019-01-01 01:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-10 14:18 - 2019-01-01 00:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-10 14:18 - 2019-01-01 00:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-10 14:18 - 2019-01-01 00:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-10 14:18 - 2019-01-01 00:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-10 14:18 - 2019-01-01 00:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-10 14:18 - 2019-01-01 00:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-10 14:18 - 2019-01-01 00:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-10 14:18 - 2019-01-01 00:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-10 14:18 - 2019-01-01 00:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-10 14:18 - 2019-01-01 00:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-10 14:18 - 2019-01-01 00:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-10 14:18 - 2019-01-01 00:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-10 14:18 - 2019-01-01 00:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-10 14:18 - 2019-01-01 00:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-10 14:18 - 2019-01-01 00:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-10 14:18 - 2018-12-31 23:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-10 14:18 - 2018-12-18 22:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 00:04 - 2018-09-19 22:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 23:12 - 2019-01-08 23:12 - 000000000 ____D C:\Users\kebli\AppData\LocalLow\Temp
2019-01-08 13:17 - 2019-01-02 13:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-08 13:17 - 2019-01-02 13:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-05 23:02 - 2019-01-05 23:02 - 000000000 ____D C:\Users\kebli\Downloads\SupportAssistAgent
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-30 19:38 - 2015-11-23 15:23 - 000000000 ____D C:\FRST
2019-01-30 19:35 - 2018-08-04 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 19:35 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 18:27 - 2015-10-30 21:54 - 000000000 ___RD C:\Users\kebli\OneDrive
2019-01-30 18:26 - 2018-12-14 12:44 - 000000000 ____D C:\Users\kebli\Desktop\Pics Dec152018
2019-01-30 18:26 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-30 18:24 - 2018-08-02 22:59 - 000000000 ____D C:\Users\kebli\AppData\Local\AVAST Software
2019-01-30 18:23 - 2015-11-01 00:26 - 000002217 _____ C:\Users\kebli\Desktop\ScreenHunter 6.0 Free.lnk
2019-01-30 18:20 - 2018-08-04 01:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 18:19 - 2018-04-11 15:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 17:49 - 2018-08-04 01:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8E32CCF5-6C3B-4761-B98F-5E7BA2CFD104}
2019-01-30 01:53 - 2018-12-14 12:43 - 000000000 ____D C:\Users\kebli\Desktop\KBL1
2019-01-30 01:31 - 2018-12-16 18:43 - 000000000 ____D C:\Users\kebli\Desktop\Get Ready For Digital Commerce Academy
2019-01-30 01:21 - 2018-12-09 13:04 - 000000000 ____D C:\Users\kebli\AppData\Local\D3DSCache
2019-01-30 01:15 - 2018-12-21 00:12 - 000002258 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2019-01-30 01:15 - 2018-12-20 23:43 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-01-30 01:15 - 2018-12-14 00:40 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-01-30 01:15 - 2018-12-13 23:51 - 000003008 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2019-01-30 01:15 - 2018-12-10 18:22 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 01:15 - 2018-12-10 18:22 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 01:15 - 2018-09-10 00:22 - 000000000 ____D C:\Users\kebli\AppData\Local\CrashDumps
2019-01-30 01:15 - 2018-08-04 01:20 - 000003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-01-30 01:15 - 2018-08-04 01:20 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-30 01:15 - 2018-08-04 01:20 - 000003298 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-01-30 01:15 - 2018-08-04 01:20 - 000003262 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-30 01:15 - 2018-08-04 01:20 - 000003166 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001
2019-01-30 01:15 - 2018-08-04 01:20 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-30 01:15 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-01-30 01:15 - 2018-08-04 01:20 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-01-30 01:15 - 2018-08-04 01:20 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2019-01-30 01:15 - 2018-08-04 01:20 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-30 01:15 - 2018-08-04 01:20 - 000002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-01-30 01:15 - 2018-08-04 01:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-29 20:01 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 20:01 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-29 17:27 - 2018-08-04 00:56 - 000000000 ____D C:\Users\kebli
2019-01-29 14:34 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-28 19:07 - 2018-12-13 21:59 - 000002078 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-28 19:07 - 2018-06-10 20:57 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-01-28 19:03 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-28 18:53 - 2018-08-04 01:09 - 000775884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-28 18:53 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-28 18:53 - 2016-03-26 13:00 - 000000000 ____D C:\ProgramData\Intel
2019-01-28 18:53 - 2015-09-18 05:11 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-28 18:49 - 2017-10-08 09:38 - 000000000 ____D C:\Program Files\Intel
2019-01-28 18:43 - 2018-12-23 11:37 - 000000000 ____D C:\Users\kebli\Downloads\Intel Driver and Support Assistant
2019-01-27 22:44 - 2018-08-04 01:26 - 000000000 ____D C:\ProgramData\Packages
2019-01-22 12:40 - 2017-09-15 03:08 - 000000259 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-01-19 00:08 - 2017-09-29 05:23 - 000000000 ____D C:\Program Files\rempl
2019-01-18 18:27 - 2017-08-14 23:53 - 000000000 ____D C:\Users\kebli\AppData\Local\GoToMeeting
2019-01-18 10:32 - 2015-12-05 22:50 - 000000000 ____D C:\Program Files\CCleaner
2019-01-17 16:47 - 2016-01-08 10:57 - 000000000 ____D C:\Users\kebli\AppData\Local\Citrix
2019-01-11 18:01 - 2015-09-18 05:26 - 000000000 ____D C:\ProgramData\PCDr
2019-01-10 18:03 - 2015-09-18 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-01-10 17:58 - 2017-07-23 12:26 - 000000000 ____D C:\ProgramData\SupportAssist
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 17:35 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-10 14:27 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 14:38 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 13:21 - 2015-10-31 00:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 13:18 - 2015-10-31 00:04 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-03 11:55 - 2018-12-17 14:02 - 000000000 ____D C:\Users\kebli\AppData\Local\PlaceholderTileLogoFolder
2019-01-03 11:55 - 2018-01-16 06:02 - 000000000 ____D C:\Users\kebli\AppData\Local\Packages
2019-01-03 11:50 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
 
==================== Files in the root of some directories =======
 
2015-11-02 19:34 - 2015-11-02 19:34 - 000007679 _____ () C:\Users\kebli\AppData\Local\Resmon.ResmonCfg
2018-04-29 00:09 - 2018-04-29 00:09 - 000000000 _____ () C:\Users\kebli\AppData\Local\{062078D9-1EAA-4A27-95D5-40AB4E70E42C}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-04 00:49
 
==================== End of FRST.txt ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by KBen (30-01-2019 19:39:33)
Running from C:\Users\kebli\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-08-04 07:22:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4169369895-2292233020-3573544003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4169369895-2292233020-3573544003-503 - Limited - Disabled)
Guest (S-1-5-21-4169369895-2292233020-3573544003-501 - Limited - Disabled)
KBen (S-1-5-21-4169369895-2292233020-3573544003-1001 - Administrator - Enabled) => C:\Users\kebli
KBenEbberly (S-1-5-21-4169369895-2292233020-3573544003-1006 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-4169369895-2292233020-3573544003-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . (HKLM\...\{C9E0C9E5-FC47-4032-A58E-3C058A42D131}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{411D9283-B606-4612-80F8-8C9716EA229B}) (Version: 19.1.4.4 - Intel) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{B1714996-891A-43D2-8B83-CCFB2EC53978}) (Version: 2.3.3800.0 - Dell Inc.)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E98E94E2-12D1-48E5-AC69-2C312F466136}) (Version: 3.1.0.142 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{2B2C47D2-F037-4C03-B599-07D7AFE8DD54}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8ce1a5ae-856e-4b8e-a0e8-27dd7a209276}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 8.39.1.11584 (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\GoToMeeting) (Version: 8.39.1.11584 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000110-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.110.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0cd7e1f9-3f68-47e1-9ef9-206a7069e6ca}) (Version: 19.1.4.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 61.0.1 (x86 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (HKLM-x32\...\{3475c0cd-7dee-4863-ac1d-57cb530ee125}) (Version: 5.5.315.0 - Tracker Software Products (Canada) Ltd.)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
PX Profile Update (HKLM-x32\...\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{6551EEEC-4938-70FF-77EB-E83D1E3E88C8}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{95145542-659F-1C89-B424-518BBC7F7556}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Rivet Networks)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
System Requirements Lab Detection (HKLM-x32\...\{4610FE53-898B-43AE-9F05-6262FB165BFF}) (Version: 6.1.6.0 - Husdawg, LLC)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.4.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version:  - Wisdom Software Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\kebli\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll (LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-07] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000B1C89-7735-4CCD-BA1D-66EE33C841DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {0176B90D-7670-48E5-B03F-EC2404C53E1B} - System32\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe [2019-01-18] (LogMeIn, Inc.)
Task: {0C21F844-69B2-4064-8B4B-43EA2771B535} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {14F0A37B-4697-4FF4-B1E8-E3BF48519126} - System32\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001 => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe [2019-01-18] (LogMeIn, Inc.)
Task: {2065C0F3-4FCD-4147-A701-6299B5FFC583} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {379FF41C-724E-484C-80B0-816552DC45FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {4ECE522E-991C-49D0-9E76-639BEECFD3C7} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-12-04] (DELL)
Task: {5EB2329D-A9AC-47A9-8B12-FBB089041235} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel® Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6FD6589C-E586-485A-AD2B-599679DA33CD} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {7A763B7B-62F0-4236-A117-323B69026058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {7AB9AF15-DDD2-42A5-9081-81F209F0F841} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-05] (Realtek Semiconductor)
Task: {81D84FBA-E575-497A-924B-6C521478A2AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {875F5410-5C87-45CE-83DB-1F20D4F543D4} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {8AA65B27-46A5-4A8D-A718-4996ADE6236A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {9CC53BFD-1961-4B11-BB51-E0AAB5471C4C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {9D89E7D5-A194-4FE5-BDBA-2440FB4CDCC8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-28] (CyberLink Corp.)
Task: {A3ABC667-4B93-439F-A425-87FF506C71D9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {C0A1125D-9966-4758-B2B4-6DB986483CBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {C0CB6929-A415-4B65-995E-3179DC9B4FA6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-05-07] (CyberLink)
Task: {C152674A-F98C-4153-85F6-1634F79388D4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {CD86EA63-2340-4F17-9C63-F1426DF0666E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {D2E46815-ABBB-4697-942A-FC76C45738CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D3526ADC-380F-4689-B5D5-D0859365B6A7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-08] (AVAST Software)
Task: {DA2208D6-DC4D-4EC3-8553-E6B8613D903D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-19] (AVAST Software)
Task: {E760FA32-9B3C-4385-BAF0-214A19FAE5CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-26] (Advanced Micro Devices, Inc.)
Task: {ECC12274-BB53-4C38-8716-9D7A8EF92C4C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-12-12] (Dell Inc.)
Task: {F0CCBE85-BC49-464D-9B39-A5C377E658B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-10] (Google Inc.)
Task: {F242CC28-38C9-4C66-8228-F41F028F7BE1} - System32\Tasks\S-1-5-21-4169369895-2292233020-3573544003-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4169369895-2292233020-3573544003-1001.job => C:\Users\kebli\AppData\Local\GoToMeeting\11584\g2mupload.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-18 05:10 - 2014-04-14 19:59 - 000253776 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 000195832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-04-11 17:34 - 2018-04-11 17:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 17:34 - 2018-04-11 17:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 22:31 - 2018-11-08 20:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-10 14:18 - 2019-01-01 00:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-15 17:47 - 2018-10-15 17:48 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-29 17:42 - 2019-01-29 17:42 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-29 17:42 - 2019-01-29 17:43 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-29 17:42 - 2019-01-29 17:42 - 011029504 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-01-29 17:42 - 2019-01-29 17:43 - 002923520 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-29 17:42 - 2019-01-29 17:43 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-14 15:14 - 2018-12-14 15:15 - 002384384 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\Processing.NDI.Lib.UWP.x64.dll
2018-08-02 12:43 - 2018-08-02 12:44 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-29 17:42 - 2019-01-29 17:43 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-22 14:24 - 2019-01-22 14:24 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-22 14:24 - 2019-01-22 14:24 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-01-15 21:29 - 2018-01-15 21:30 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:19 - 2018-11-28 23:19 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-22 14:24 - 2019-01-22 14:24 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-22 14:24 - 2019-01-22 14:24 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-05 04:33 - 2017-06-05 04:33 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 04:33 - 2017-06-05 04:33 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-01-19 11:07 - 2019-01-19 11:07 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-19 11:06 - 2019-01-19 11:06 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-02 04:28 - 2019-01-02 04:28 - 000059376 _____ () C:\Program Files\CCleaner\branding.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000937208 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 002329336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000282360 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000578296 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000616696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000267000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000323832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000978680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000243960 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000750840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000411384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000558840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000665336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000853240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000303864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000778488 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000863480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 000312568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000555768 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2019-01-10 18:03 - 2019-01-10 18:03 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\libprotobuf.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-17 19:28 - 2018-12-11 23:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-28 12:34 - 2019-01-28 12:36 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-28 12:34 - 2019-01-28 12:36 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-08 23:47 - 2017-10-08 23:49 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-28 12:34 - 2019-01-28 12:35 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-16 14:01 - 2019-01-16 14:01 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-01-28 12:34 - 2019-01-28 12:36 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-28 12:34 - 2019-01-28 12:35 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:54 - 2018-08-30 18:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-02 13:20 - 2018-08-02 13:49 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-28 12:34 - 2019-01-28 12:36 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2019-01-29 19:45 - 2019-01-29 19:45 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-05 23:24 - 2018-11-05 23:24 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-29 19:45 - 2019-01-29 19:45 - 001757696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-16 14:00 - 2019-01-16 14:01 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-16 14:00 - 2019-01-16 14:01 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-01-15 21:29 - 2018-01-15 21:30 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:19 - 2018-11-28 23:19 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-16 14:00 - 2019-01-16 14:00 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-19 00:22 - 2018-12-19 00:23 - 001436760 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2015-09-18 05:08 - 2014-12-08 01:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
2018-06-25 15:29 - 2014-09-05 10:55 - 000132808 _____ () C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
2017-09-19 09:35 - 2017-09-19 09:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-06-23 17:26 - 2015-06-23 17:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 05:04 - 2019-01-09 03:33 - 000000857 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
2018-01-20 01:21 - 2018-01-20 01:21 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kebli\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\VersionIndependent\images\60078.jpg
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6B1A5332-A410-46F7-994D-677207100D5B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [{029F1ADF-BFDA-47A4-BA8E-21F09A6DAFD9}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp.)
FirewallRules: [{9B12F191-6A81-41BC-9176-D8CC1BEA4F9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{6426F3C1-7131-4E45-ACFC-80BF99EAA8DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{85640DB6-3E54-4F34-AD52-AD5E98774088}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{91BEEA0E-5551-4655-951A-955EF242E5A0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BB8A871C-2BE8-42C4-8887-096CBCE5890F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{83F4BF9E-ED79-42C6-AB13-70196654EAE9}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{2237736C-D430-4A75-B1C1-4076861D4DFC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{4F998A00-AF47-4041-B401-2C8A68597DDF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{E3627E52-4FEC-46F8-B2AA-D3515E6092A4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{A0A31F9C-FD23-4A76-972E-3EED58E2C495}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
FirewallRules: [{9F08464B-CAC7-4891-B3A4-2A7C01A5BE34}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{55784381-C8D3-4836-AB26-AB1BA0C5ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
 
==================== Restore Points =========================
 
16-01-2019 20:09:33 Scheduled Checkpoint
25-01-2019 22:27:22 Scheduled Checkpoint
28-01-2019 18:47:22 Installed Intel® Wireless Bluetooth®
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/30/2019 06:30:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (01/30/2019 06:24:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "c:\windows\System32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/30/2019 06:24:42 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (01/30/2019 06:24:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/30/2019 06:24:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (01/30/2019 06:30:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/30/2019 06:29:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (01/30/2019 06:28:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/30/2019 06:27:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-O8A2EKO\KBen SID (S-1-5-21-4169369895-2292233020-3573544003-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/30/2019 06:20:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the BingDesktopUpdate service to connect.
 
Error: (01/30/2019 06:20:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/30/2019 06:20:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 16275.82 MB
Available physical RAM: 11318.27 MB
Total Virtual: 18707.82 MB
Available Virtual: 12984.46 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1848.78 GB) (Free:1714.6 GB) NTFS
 
\\?\Volume{917e8194-70b2-42bd-bd7c-b170ba134d78}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{79049588-dba9-4c83-be42-a01776ed46db}\ (Image) (Fixed) (Total:12.78 GB) (Free:0.92 GB) NTFS
\\?\Volume{67692ed4-4711-4932-9712-3240e2999db2}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 61408B0D)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
 
 
 
 

  • 0

#69
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You had two services hang:

 

Error: (01/30/2019 06:29:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 

...

 
Error: (01/30/2019 06:20:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the BingDesktopUpdate service to connect.

 

 

 
The first one was probably just a bit slow starting since it appears to be running now.  The second one we have already talked about.  It apparently is also just a bit slow starting as it is also running.
 
The only other error of any concern is:
Error: (01/30/2019 06:30:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.

This is usually caused by trying to save the backups to a full or non-existent drive.  Sometimes it is caused by Click to Run Office.  (Their Q: drive doesn't really exist so you can copy stuff from it when you make backups)
 
You are still running Intel® Security Assist.  This is foistware that gets installed when you update Adobe products.  It used to be called McAfee Security Assist until Intel bought McAfee.  It doesn't make your PC any safer.
 
You also have SpywareBlaster 5.5 installed.  I understand what they are trying to do but I fear that it slows the networking down a lot.  You might try uninstalling it and if uninstalling doesn't remove all of the restricted sites:
 
Looks like this in your FRST scan:

 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4169369895-2292233020-3573544003-1001\...\00hq.com -> 00hq.com
 

...

Then get Deldomains.inf

https://forums.major...ldomains.74355/

 

Once you unzip and then right click and Install it will remove all restricted sites.  If you don't see a difference then just reinstall SpywareBlaster

 

 

I worked on a Dell this week.  Was running slow.  Finally just went into msconfig. Services and unchecked everything that started with Dell.  OK. Then into task manager (more details) Startup and Disabled everything that started with Dell then rebooted.  Made an amazing difference in the speed of the boot and in the amount of CPU used.  Doesn't seem to have hurt anything.  He will have to check for updates manually from the Dell site but after a couple of years Dell loses interest and stops updating older PCs.  You might try that.  If it breaks something you can always go back in and turn everything on again.

  • 0
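An added example, not part of the thread and not FRST's own code: a short Python parser for the "Event log errors" layout of the Addition.txt posted above. It collapses repeated entries and names the services behind the two Service Control Manager events (7022 and 7009) picked out in post #69. The sample text is constructed from entries in that log, and the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample: five entries in the layout of the Addition.txt log in this thread.
SAMPLE = """\
Error: (01/30/2019 06:30:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: The handle is invalid.

Error: (01/30/2019 06:30:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/30/2019 06:29:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.

Error: (01/30/2019 06:28:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O8A2EKO)
Description: The application-specific permission settings do not grant Local Activation permission.

Error: (01/30/2019 06:20:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the BingDesktopUpdate service to connect.
"""

ENTRY = re.compile(
    r"^Error: \((?P<when>[^)]+)\) \(Source: (?P<source>[^)]+)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: (?P<user>[^)]*)\)\s*\n"
    r"Description: (?P<description>(?:.*\S.*\n?)*)", re.M)
# Service Control Manager wording for the two start-up events quoted in post #69.
SERVICE = {7022: re.compile(r"The (.+) service hung on starting"),
           7009: re.compile(r"waiting for the (.+) service to connect")}

def parse_errors(text):
    """One dict per entry; a description runs until the first blank line."""
    return [{**m.groupdict(), "event_id": int(m["event_id"]),
             "description": " ".join(m["description"].split())}
            for m in ENTRY.finditer(text)]

def summarize(entries):
    """Count entries per (source, event id) so repeated noise collapses to one row."""
    return Counter((e["source"], e["event_id"]) for e in entries)

def slow_services(entries):
    """Name the services behind Service Control Manager events 7022 and 7009."""
    found = []
    for e in entries:
        pattern = SERVICE.get(e["event_id"])
        m = pattern.search(e["description"]) if pattern else None
        if m and e["source"] == "Service Control Manager":
            found.append((e["event_id"], m.group(1)))
    return found
```

Calling `summarize(parse_errors(text))` on the full Addition.txt text shows at a glance which source and event ID pairs are repeated noise and which occur once.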

#70
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I will be getting back to you in the next day or two RKinner, had a family crisis.


  • 0



#71
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Thanks for all of your help, RKinner. It is greatly appreciated.

 

I am not sure how to uninstall Intel® Security Assist.

I did uninstall SpywareBlaster 5.5

I am not sure how to install Del Domains, I might need help with that one.


  • 0

#72
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Intel Security Assist should show up in Programs and Features.

 

Search for

programs and features

hit Enter

Find Intel Security Assist

Uninstall.

 

I see they left off a step on deldomain.inf.

 

Download it from

http://forums.majorg.../DelDomains.zip

 

Save then right click and Extract All.

 

Find deldomain.inf and right click and Install.  Ignore the warning.


  • 0

#73
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

OK RKinner, I uninstalled Intel Security Assist

I also installed deldomain.inf.

 

OK, what's next?


  • 0

#74
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

How is it running now?


  • 0

#75
Win10Enthusiast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

It is very fast when I start it up in the morning.

 

It did get a little slow after Windows updates but then it sped right back up.


  • 0





