I was playing a word search game on pch.com when my game suddenly disappeared and a ransomware screen appeared with a British woman's voice telling me that my computer had been hijacked. I was able to get rid of that screen and ran my antivirus software. But I'm concerned that remnants of that may still be on my desktop Dell OptiPlex.
Here are the readouts from Farbar Recovery Scan Tool:
Ran by Dell (administrator) on DELL-PC (Dell Inc. OptiPlex 360) (14-05-2019 18:02:43)
Running from C:\Users\Dell\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: Dell & DefaultAppPool (Available Profiles: Dell & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1709 16299.371 (X86) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Amazon Services LLC -> ) C:\Users\Dell\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Logitech, Inc. -> ) C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dell\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [221576 2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [383328 2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [Amazon Cloud Player] => C:\Users\Dell\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] (Amazon Services LLC -> )
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [7511384 2019-05-13] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\MountPoints2: {d314d0f0-b2aa-11e3-8f04-806e6f6e6963} - "D:\Setup.EXE"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [57856 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb [2018-06-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe [2019-04-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-21] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {03574738-566D-4E13-8FA2-B3B63B6DA8DF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0A8738B0-D7E2-4164-97EA-762FB8E32CFA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0B186A9B-7312-49B3-8635-014A1CDC764C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0B9233CE-50BB-44A8-9A0D-CC407F7BCBA9} - System32\Tasks\SafeZone scheduled Autoupdate 1465393856 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [1057824 2017-08-04] (AVAST Software s.r.o. -> Avast Software)
Task: {18EAFFA5-BEBA-4AE8-B2B1-76E654ADBC60} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {21DAC2E4-1ED7-4B16-AAA6-130449A798E2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1656472 2019-02-09] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {24768FEF-8144-4810-A8B9-79B61931E8BC} - System32\Tasks\{6E0327EF-A229-460E-AED0-9B72DE0051FC} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.8.0.102/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {265494C7-834D-4804-B05A-544E13384E40} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28830FC8-99F8-4AB3-A1AC-614381DFE2C1} - System32\Tasks\WpsUpdateTask_Dell => C:\Users\Dell\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\wtoolex\wpsupdate.exe [648320 2018-04-08] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {303C9978-0139-408D-848C-3F895281F107} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3328B0B8-DEC7-4803-87A0-573FA798D4BF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {44FCADF6-ACDF-4E1B-9263-A84F13351126} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46252C2F-9C0D-457F-A90B-BF0337EB6FDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {463E4145-D228-4251-997C-F4261F337CA9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {47A16926-CD73-4478-8734-7BAD453A5A74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {4A3F832B-A39A-45B4-9F57-1323784DEF5A} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {4A746E6C-8454-4E99-B24D-235E99D174D2} - System32\Tasks\Driver Tuneup_Logon => C:\Program Files\Driver Tuneup\drivertuneup.exe [2381152 2017-08-16] (DRIVER UPDATER TOOLS -> driver-tuneup.com)
Task: {4B472331-EEA0-4B52-8D3D-FB35D3215CBA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F0D174F-A259-49BD-A74A-F3D98DEB98CB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {4F9605BC-2A35-48C5-854C-7D4A6FC17CA1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {57FFD35F-0C6F-4AD5-9B25-79A44C5A1E2A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {5881C0EF-717C-4851-A4DF-BAF17242373B} - System32\Tasks\CC-Cleaner_Logon => C:\Program Files\CC-Cleaner for DELL-PC\scad.exe
Task: {5C65F38F-7EF6-4422-BCA9-A1B8AE8E04F7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5F236D6B-DFCD-4B84-B825-ACA4DCFE8AC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-05] (Google Inc -> Google Inc.)
Task: {644E137B-1310-469E-B426-FA5F5DF9F4A3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {64C73F97-748D-45B1-B89F-3E7ECDFC1BDD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6AB5DEF1-3FCE-46E8-8969-4C5E52EB88C2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1624408 2019-02-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {7BF7A248-4927-46F2-B23C-AD6B3B5A4884} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7E87604D-9CE3-491D-B1D1-5BDFF0E6C475} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {81072B60-3680-4214-8612-141C0E45F909} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {83160928-D23F-4053-8EA9-D09370E1F878} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {8944CB8D-5A6F-4D98-9249-1562DD5E7BC9} - System32\Tasks\G2MUploadTask-S-1-5-21-2931432088-2454819386-741456421-1000 => C:\Users\Dell\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [41536 2016-10-13] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {9193F921-54B4-4D0B-A3FA-99770F9A3016} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {98E5740D-DDC8-4898-9AA0-534EC2072760} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D172B28-1811-4AB9-8719-DD1FA0BC0069} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F4040A0-FDBC-47B8-A151-D173B8B2258A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A211E180-287B-4C83-B500-374E819B94C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A426FE01-09BA-4283-94BA-91092D0FB285} - System32\Tasks\RegAce Scheduled Scan - Dell => C:\Program Files\RegAce System Suite\RegAce.exe
Task: {A75507C7-278B-4E30-AA47-52A1EF79985E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [1456128 2018-12-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {AD48963A-26C8-4A76-BE89-E5C1FF672A02} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-26] (AVAST Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {B0224B7F-B52F-48DD-B004-222432057D82} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-26] (AVAST Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {B1FCF443-6A10-4B03-8EC7-EC1FFA089D09} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {B2A86B9F-2808-4434-8A1F-062553B70886} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C4F1932D-8222-41D0-8045-10B5C1A4C361} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C7301135-CABF-4F30-AFFE-411C0D413934} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C9A39D22-B5EC-4518-A440-3D030ADF99C0} - System32\Tasks\G2MUpdateTask-S-1-5-21-2931432088-2454819386-741456421-1000 => C:\Users\Dell\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [41536 2016-10-13] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {CB8B72F8-5BBD-47E3-AC17-4636F36DFC7B} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3519856 2018-04-12] (Easeware Technology Limited -> Easeware)
Task: {CC6FB896-DA6F-444D-9ECE-376CB6441711} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D0274884-7113-4B64-AB9C-8E1BC310A9F1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D0733552-F1B7-4A46-BB89-BD18EBCEC9CE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D36FD9D1-2BA7-48C5-9076-3930E3F9EF78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-05] (Google Inc -> Google Inc.)
Task: {D6792768-72CF-4706-804D-C98344F6DA29} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D9D0EC2B-EBA8-4076-BAB3-DBD060DA7BB1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E0115FE1-8A3F-4D43-9349-B69D46661F15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E61CAA43-AA76-47F2-AEE9-7721477DA684} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {E7BDEF00-F21B-4118-AF2B-071FFB8856EB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EB2D0FDB-018A-46D4-9C90-B746BC847500} - System32\Tasks\S-1-5-21-2931432088-2454819386-741456421-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [103424 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
Task: {F35ADE33-EDD9-4E5F-8B60-43498CFD57BD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F613A590-D644-4C08-BA45-FFD85B5D447C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F851604E-B140-41E4-8D6A-296C8FD978F9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE48F93D-E775-4F8D-B2D0-048EC1E1E54B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2931432088-2454819386-741456421-1000.job => C:\Users\Dell\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2931432088-2454819386-741456421-1000.job => C:\Users\Dell\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\WINDOWS\Tasks\RegAce Scheduled Scan - Dell.job => C:\Program Files\RegAce System Suite\RegAce.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9e30b6f3-b0b9-40b7-beee-9aca2ca0da7f}: [DhcpNameServer] 192.168.1.1
==================
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D082017-AA1FD30A82A&form=CONMHP&conlogo=CT3335665
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D082017-AA1FD30A82A&form=CONBDF&conlogo=CT3335665&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D082017-AA1FD30A82A&form=CONBDF&conlogo=CT3335665&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {2CC68BCF-FBE2-433E-B0D4-898417AB79EA} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2931432088-2454819386-741456421-1000 -> {FFF4C4D8-A65C-4254-A0CB-107396E584D8} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-09-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-09-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc -> Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
======
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1806.9.0_neutral__343d40qqvtj1t [2018-06-21]
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\6kl0dbfv.default-1521378898138 [2019-05-14]
FF Homepage: Mozilla\Firefox\Profiles\6kl0dbfv.default-1521378898138 -> hxxp://www.bing.com/?pc=COS2&ptag=D082017-AA1FD30A82A&form=CONMHP&conlogo=CT3335665
FF NewTab: Mozilla\Firefox\Profiles\6kl0dbfv.default-1521378898138 -> hxxp://www.bing.com/?pc=COS2&ptag=D082017-AA1FD30A82A&form=CONMHP&conlogo=CT3335665
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-12-02] (Adobe Systems Incorporated -> )
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2014-11-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-09-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-09-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-21] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-21] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2931432088-2454819386-741456421-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dell\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-12] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-2931432088-2454819386-741456421-1000: SkypePlugin -> C:\Users\Dell\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Microsoft Corporation -> Skype Technologies S.A.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2017-12-26] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2017-12-26] <==== ATTENTION
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.msn.com/?pc=avmsp&ocid=PerDHP
CHR StartupUrls: Default -> "hxxps://www.msn.com/?pc=avmsp&ocid=PerDHP"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2019-05-14]
CHR Extension: (Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-03]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-28]
CHR Extension: (Google Search) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-15]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pcahildbjonlnmkfcdeiglkeodeijdco] - hxxps://clients2.google.com/service/update2/crx
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-26] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [309480 2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-26] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
R2 LM__bdsvc; C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe [583680 2016-06-06] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2891976 2018-02-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WCAssistantService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25944 2019-05-13] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [279240 2018-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [87040 2018-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 AvastSecureBrowserElevationService; "C:\Program Files\AVAST Software\Browser\Application\73.0.1270.86\elevation_service.exe" [X]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [172424 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220128 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [158240 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [255360 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [51264 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14976 2019-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [194680 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40904 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [138480 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [101200 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73008 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783232 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [403408 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [165464 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [312464 2019-05-13] (AVAST Software s.r.o. -> AVAST Software)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [4815872 2012-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38912 2018-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [237608 2018-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [93736 2018-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [186880 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== One month (created) ========
2019-05-14 17:34 - 2019-05-14 17:34 - 001793024 _____ (Farbar) C:\Users\Dell\Downloads\FRST.exe
2019-05-14 17:12 - 2019-05-14 17:12 - 000000000 ___HD C:\OneDriveTemp
2019-05-13 19:46 - 2019-05-13 19:46 - 000000153 _____ C:\Users\Dell\AppData\Local\{9F60687C-6A8A-4B17-AB32-CC38BEAEF364}
2019-05-13 19:45 - 2019-05-13 19:45 - 000047720 _____ () C:\WINDOWS\system32\Drivers\staport.sys.155779113123405
2019-05-13 19:45 - 2019-05-13 19:45 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-05-13 19:43 - 2019-05-13 19:41 - 000311176 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-14 17:49 - 2014-03-24 15:53 - 126228304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 17:38 - 2018-05-26 18:17 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-14 17:38 - 2018-05-26 18:17 - 000002409 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-14 17:37 - 2015-08-08 23:46 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-14 17:37 - 2014-04-13 18:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 17:22 - 2014-04-13 18:32 - 000001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-14 17:21 - 2018-09-23 22:19 - 000000000 ____D C:\Windows10Upgrade
2019-05-14 17:13 - 2018-05-26 18:14 - 000000000 ____D C:\Users\Dell\AppData\Local\AVAST Software
2019-05-14 17:12 - 2015-08-09 07:56 - 000000000 __RDL C:\Users\Dell\OneDrive
2019-05-13 20:30 - 2018-04-08 21:36 - 000000000 ____D C:\Users\Dell\Documents\RESUMES
2019-05-13 20:24 - 2017-09-29 07:55 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2019-05-13 20:23 - 2017-09-29 07:55 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-13 20:21 - 2017-09-29 07:55 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-13 20:00 - 2018-02-05 14:02 - 000000000 ____D C:\Users\Dell\AppData\Local\Packages
2019-05-13 19:51 - 2018-02-05 13:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-13 19:45 - 2014-03-25 11:44 - 000403408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-13 19:45 - 2014-03-25 11:44 - 000312464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-13 19:43 - 2017-09-29 07:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-13 19:42 - 2019-02-25 21:34 - 000194680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-13 19:42 - 2016-06-08 09:47 - 000040904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-13 19:42 - 2014-03-25 11:44 - 000165464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-05-13 19:42 - 2014-03-25 11:44 - 000138480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-05-13 19:42 - 2014-03-25 11:44 - 000101200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-13 19:42 - 2014-03-25 11:44 - 000073008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-13 19:40 - 2019-02-09 16:54 - 000255360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-05-13 19:40 - 2019-02-09 16:54 - 000220128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-13 19:40 - 2019-02-09 16:54 - 000158240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-13 19:40 - 2019-02-09 16:54 - 000051264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-13 19:40 - 2019-02-09 16:54 - 000034720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-13 19:40 - 2017-11-13 08:09 - 000172424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-13 19:40 - 2014-03-25 11:44 - 000783232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-13 19:36 - 2015-08-09 07:56 - 000002397 _____ C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-21 12:26 - 2018-02-05 14:01 - 000000000 ____D C:\Users\Dell
2019-04-21 11:58 - 2017-09-29 07:52 - 000000000 ____D C:\WINDOWS\INF
2019-04-21 11:51 - 2014-03-25 11:44 - 000309176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1aa535a10566d872.tmp
2019-04-21 11:44 - 2018-02-05 13:56 - 001100334 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-21 11:35 - 2018-02-05 14:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-18 18:08 - 2017-08-18 18:08 - 000000002 _____ () C:\Users\Dell\AppData\Roaming\acc.txt
2015-06-07 07:40 - 2015-08-22 13:00 - 000000093 _____ () C:\Users\Dell\AppData\Roaming\ARCompanion.log
2017-08-20 11:19 - 2017-08-20 11:19 - 000000002 _____ () C:\Users\Dell\AppData\Roaming\view.txt
2019-05-13 19:46 - 2019-05-13 19:46 - 000000153 _____ () C:\Users\Dell\AppData\Local\{9F60687C-6A8A-4B17-AB32-CC38BEAEF364}
LastRegBack: 2019-05-14 17:46
==================== End of FRST.txt ============================
Ran by Dell (14-05-2019 18:04:26)
Running from C:\Users\Dell\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Microsoft Windows 10 Pro Version 1709 16299.371 (X86) (2018-02-05 18:29:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-2931432088-2454819386-741456421-503 - Limited - Disabled)
Dell (S-1-5-21-2931432088-2454819386-741456421-1000 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-2931432088-2454819386-741456421-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2931432088-2454819386-741456421-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2931432088-2454819386-741456421-504 - Limited - Disabled)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
Adobe AIR (HKLM\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2A2C8640-5402-428A-909A-0236CB2B77C7}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 73.0.1270.86 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CC-Cleaner (HKLM\...\{F751A81C-AAF7-4E24-8E40-231FD881A20B}_is1) (Version: 1.0.0.2502 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Citrix Online Launcher (HKLM\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.4.400.9 - Citrix Systems, Inc.)
Customer Support (HKLM\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Driver Easy 5.6.2 (HKLM\...\DriverEasy_is1) (Version: 5.6.2 - Easeware)
Driver Tuneup (HKLM\...\{9132F466-FD4C-4DF1-85F0-818CC4567B2F}_is1) (Version: 1.0.0.34273 - driver-tuneup.com)
Dropbox (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
erLT (HKLM\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EU Waste Recycling Information (HKLM\...\{42DF7152-0B7D-7917-4633-94E00C7BE684}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.10.0.7495 (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\GoToMeeting) (Version: 8.10.0.7495 - LogMeIn, Inc.)
iCloud (HKLM\...\{FAF5F9DA-73F2-4BF3-8268-E45AAC42B533}) (Version: 7.5.0.34 - Apple Inc.)
Information Center (HKLM\...\{851828ED-8353-E017-70EE-BF284CE2B799}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Itibiti RTC (HKLM\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Lexmark Network Twain Scan Driver (HKLM\...\{57799805-67CC-4401-5C6F-540D2E3DDE40}) (Version: 1.19.138.0 - Lexmark International, Inc.)
Lexmark Printer Software G2 PS3 Print Driver (HKLM\...\{C4114CDE-B0CD-4623-B5E2-5BE2C9702095}) (Version: 2.5.1.0 - Lexmark International, Inc.)
Lexmark Printer Software G2 Scan Driver (HKLM\...\{7932657D-8209-D3FB-4B19-D133EDE01DBB}) (Version: 2.5.1.0 - Lexmark International, Inc.)
Lexmark Status Center (HKLM\...\{B26B2B9C-01F7-44FE-8FBE-655073CBB0B0}) (Version: 2.4.53.0 - Lexmark International, Inc.)
Lexmark USB Bidi Solution (HKLM\...\{C5DB19F7-C720-4D88-B10F-704DE806F777}) (Version: 1.3.61.0 - Lexmark International, Inc.)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Online Plug-in (HKLM\...\{67FE17FA-BD96-469D-9AAE-A65B9E650B0B}) (Version: 13.4.400.9 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PhotoPad Image Editor (HKLM\...\PhotoPad) (Version: 4.12 - NCH Software)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Self-service Plug-in (HKLM\...\{F506798C-A221-40EF-BF4D-616DF049123C}) (Version: 3.4.400.49109 - Citrix Systems, Inc.) Hidden
Skype Web Plugin (HKLM\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version: 7.5.0.127 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
UpdateAssistant (HKLM\...\{D66FEADA-C0EB-446E-955B-77E60B1FD5A1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UserTesting.com Recorder Plugin (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\UserTestingPlugin) (Version: - UserTesting.com)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.89.0 - Verizon)
Web Companion (HKLM\...\{7da819bc-37f0-4b3f-90ac-de2c15ef81e3}) (Version: 4.7.1987.3881 - Lavasoft)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Driver Package - Lexmark International Printer (01/28/2016 2.5.1.0) (HKLM\...\7C43EFCAB92000EDB22A02000370EC696A57A525) (Version: 01/28/2016 2.5.1.0 - Lexmark International)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - )
WPS Office (10.2.0.6020) (HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\Kingsoft Office) (Version: 10.2.0.6020 - Kingsoft Corp.)
=========
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1806.9.0_neutral__343d40qqvtj1t [2018-06-21] (Amazon Assistant)
Assigned Access Lock app -> C:\Windows\SystemApps\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy [2017-09-29] (Microsoft Corporation)
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x86__8wekyb3d8bbwe [2018-09-20] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-19] (Microsoft Corporation)
SecondaryTileExperience -> C:\Windows\SystemApps\Microsoft.Windows.SecondaryTileExperience_cw5n1h2txyewy [2017-09-29] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c [2019-02-09] (Skype)
Take a Test -> C:\Windows\SystemApps\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy [2017-09-29] (Microsoft Corporation)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x86__8wekyb3d8bbwe [2015-11-18] (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{7253b364-18c5-555a-4b07-26abb39c9f99}\InprocServer32 -> C:\Users\Dell\AppData\Local\SkypePlugin\7.5.0.127\EdgeBrokerPS.dll (Microsoft Corporation -> Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Dell\AppData\Local\Citrix\GoToMeeting\6140\G2MOutlookAddin.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2931432088-2454819386-741456421-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2018-05-23] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2931432088-2454819386-741456421-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2931432088-2454819386-741456421-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2931432088-2454819386-741456421-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox -> Dropbox, Inc.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-06 11:25 - 2016-06-06 11:25 - 000583680 _____ () [File not signed] C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe
2014-11-20 04:22 - 2014-11-20 04:22 - 002293760 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Citrix\Receiver\xerces-c_3_1.dll
2014-09-01 04:52 - 2014-09-01 04:52 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Citrix\ICA Client\MFC80.DLL
2014-09-01 04:52 - 2014-09-01 04:52 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Citrix\ICA Client\MFC80ENU.DLL
==================== Association (Whitelisted) ===============
==================== Internet Explorer trusted/restricted ===============
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2931432088-2454819386-741456421-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Other Areas ============================
HKU\S-1-5-21-2931432088-2454819386-741456421-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== FirewallRules (Whitelisted) ===============
FirewallRules: [UDP Query User{7B54D6F6-AC04-4927-AF01-4D82F27DDCCD}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8518A6A-9BCB-4B30-8A57-5D8271C39998}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2A42CE64-8733-49DC-8346-8216BDFDCD10}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E0699B53-F799-45CF-9A97-D7E756E36161}] => (Allow) D:\install\x86\installgui.exe (Lexmark International, Inc. -> )
FirewallRules: [{F04EFA29-B5AC-4742-8ED4-3629A7BAFC0C}] => (Allow) D:\install\x86\installgui.exe (Lexmark International, Inc. -> )
FirewallRules: [{9A80F34D-7A21-4B14-95C8-0460E5D77598}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{5B5BAD19-6CE2-4394-83B8-143D2BE5E356}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
14-05-2019 17:47:34 Windows Update
==================== Event log errors: =========================
==================
Error: (05/14/2019 05:52:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
Access is denied.
.
Description: Product: Microsoft Office Professional Plus 2010 - Update 'Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
Description: Activation context generation failed for "C:\Program Files\Citrix\ICA Client\MFC80.DLL".Error in manifest or policy file "C:\Program Files\Citrix\ICA Client\Microsoft.VC80.MFCLOC.MANIFEST" on line 5.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please use sxstrace.exe for detailed diagnosis.
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593
Description: Task Scheduling Error: m->NextScheduledEvent 15593
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (05/14/2019 05:47:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition.
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-03-18 10:40:50.526
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {863E4470-C2BF-43D0-934D-D5DF6A51A07D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007045b
Error description: A system shutdown is in progress.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
===================================
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Motherboard: Dell Inc. 0T656F
Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 70%
Total physical RAM: 3060.96 MB
Available physical RAM: 908.26 MB
Total Virtual: 6132.96 MB
Available Virtual: 3318.55 MB
Drive d: (Lexmark) (CDROM) (Total:0.39 GB) (Free:0 GB) CDFS
\\?\Volume{ee411f60-0000-0000-0000-802425000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: EE411F60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)