Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Weird login screen behavior from Windows 10

windows 10 password login fake login screen

  • Please log in to reply

#211
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,549 posts
  • MVP

Says it's a 64 bit system:

 

Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)

 

 

 

Your Brave browser is not happy.  Why don't you try Firefox for a while.

 

Do you want me to tell FRST to remove Avira?


  • 0

Advertisements


#212
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Yes please. Thx. Okay. Wilco.


  • 0

#213
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,549 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   10.87KB   51 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

 

Go to Control Panel, Programs and Features.  Try to uninstall any that say Avira.  Expect they will say they have already been removed and ask if you want to remove the entry.  Say yes.

 

Right-click the file "avira_registry_cleaner_en.exe" that you previously saved on your desktop and select Run as administrator.

7. Click Accept.

8. Activate the Avira Antivirus control box.

9. Click Remove.

10. Close the program again.

11. Restart your computer.


Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0

#214
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

I'm an idiot.Didnt hit post. TYpng vey bd.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by David Jackson (12-10-2020 19:14:35) Run:12
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: sc stop AviraOptimizerHost
CMD: sc stop AviraPhantomVPN
CMD: sc stop AviraSecurity
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [704720 2020-09-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {21502A61-3EEA-4DD4-BEB9-730C9B04E2CE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30106496 2020-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {8BBD9E48-D1AD-4C50-9E18-A1023B11A20C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1045976 2020-09-01] (Dell Inc. -> Dell Inc.)
Task: {8E9545BB-8354-41B5-B7EB-2FBE21D68677} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurity; "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe" [X]
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
Avira (HKLM-x32\...\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{f24507a8-a438-4e46-9563-6d53c727bd7e}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
Unlock: C:\Program Files (x86)\Avira
C:\Program Files (x86)\Avira
Unlock: C:\ProgramData\Avira
C:\ProgramData\Avira
Unlock: C:\Documents and Settings\All Users\Application Data\Avira
C:\Documents and Settings\All Users\Application Data\Avira
Unlock: HKEY_LOCAL_MACHINE\SOFTWARE\AVIRA
REG: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\AVIRA
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{6A8A7E34-5E25-4311-8DC5-984F064772DD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{20A72F54-35A3-4FCA-AF11-82BDB8D7D0B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{6693D3E3-2768-4BBC-A6D6-2E0E27B38073}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
CMD: netsh winsock reset
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************


========= sc stop AviraOptimizerHost =========


SERVICE_NAME: AviraOptimizerHost
        TYPE               : 10  WIN32_OWN_PROCESS  
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x1388

========= End of CMD: =========


========= sc stop AviraPhantomVPN =========


SERVICE_NAME: AviraPhantomVPN
        TYPE               : 10  WIN32_OWN_PROCESS  
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

========= End of CMD: =========


========= sc stop AviraSecurity =========

[SC] ControlService FAILED 1062:

The service has not been started.


========= End of CMD: =========

[1556] C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe => process closed successfully.
[4072] C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe => process closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Avira SystrayStartTrigger" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21502A61-3EEA-4DD4-BEB9-730C9B04E2CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21502A61-3EEA-4DD4-BEB9-730C9B04E2CE}" => removed successfully
C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AviraSystemSpeedupUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BBD9E48-D1AD-4C50-9E18-A1023B11A20C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BBD9E48-D1AD-4C50-9E18-A1023B11A20C}" => removed successfully
C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E9545BB-8354-41B5-B7EB-2FBE21D68677}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9545BB-8354-41B5-B7EB-2FBE21D68677}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira_Security_Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira_Security_Update" => removed successfully
C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] => moved successfully
C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf => removed successfully
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\AviraOptimizerHost => removed successfully
AviraOptimizerHost => service removed successfully
AviraPhantomVPN => Unable to stop service.
HKLM\System\CurrentControlSet\Services\AviraPhantomVPN => removed successfully
AviraPhantomVPN => service removed successfully
HKLM\System\CurrentControlSet\Services\AviraSecurity => removed successfully
AviraSecurity => service removed successfully
HKLM\System\CurrentControlSet\Services\aftap0901 => removed successfully
aftap0901 => service removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}\\SystemComponent" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f24507a8-a438-4e46-9563-6d53c727bd7e}\\SystemComponent" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{073825B9-FF06-4690-8CE4-3C0B72036122}\\SystemComponent" => removed successfully
"C:\Program Files (x86)\Avira" => was unlocked

"C:\Program Files (x86)\Avira" folder move:

Could not move "C:\Program Files (x86)\Avira" => Scheduled to move on reboot.

"C:\ProgramData\Avira" => was unlocked

"C:\ProgramData\Avira" folder move:

Could not move "C:\ProgramData\Avira" => Scheduled to move on reboot.

"C:\Documents and Settings\All Users\Application Data\Avira" => was unlocked

"C:\Documents and Settings\All Users\Application Data\Avira" folder move:

Could not move "C:\Documents and Settings\All Users\Application Data\Avira" => Scheduled to move on reboot.

"HKEY_LOCAL_MACHINE\SOFTWARE\AVIRA" => not found

========= reg delete HKEY_LOCAL_MACHINE\SOFTWARE\AVIRA =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\AVIRA (Yes/No)? ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SystemSpeedupFilesMenu => removed successfully
HKLM\Software\Classes\CLSID\{14cb2bd0-2375-3d10-9b5d-5e18865c8959} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SystemSpeedupFoldersMenu => removed successfully
HKLM\Software\Classes\CLSID\{700866bb-c8e9-3e71-b359-abb28baed0e8} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\SystemSpeedupDesktopMenu => removed successfully
HKLM\Software\Classes\CLSID\{0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SystemSpeedupFilesMenu => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A8A7E34-5E25-4311-8DC5-984F064772DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20A72F54-35A3-4FCA-AF11-82BDB8D7D0B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6693D3E3-2768-4BBC-A6D6-2E0E27B38073}" => removed successfully
"AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}" => removed successfully

========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Failed to clear log AirSpaceChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log DebugChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-RMS-MSIPC/Debug.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.

========= End of CMD: =========


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-10-2020 19:20:18)

C:\Program Files (x86)\Avira => Is moved successfully
C:\ProgramData\Avira => Is moved successfully
C:\Documents and Settings\All Users\Application Data\Avira => Is moved successfully

==== End of Fixlog 19:20:21 ====


  • 0

#215
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Typing on my cell. Laptop skipping bad. Avira Reg Fix says need to boot in Safe Mode. Tried with F8 yesterday, didn't work. Logs coming.
  • 0

#216
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 19:47:16)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {88ED97AE-1C6D-4D2A-9146-CCA89DD15351} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EEF8BDB-7F61-42CC-AAB2-4D3F723DAA43} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {E38E129F-E321-4A15-B8F3-5D84AD3E8B3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1

FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-10-12]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:47 - 2020-10-12 19:49 - 000023804 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-10-12 19:42 - 2020-10-12 19:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-12 19:40 - 2020-10-12 19:40 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-10-12 19:40 - 2020-10-12 19:40 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-10-12 19:22 - 2020-10-12 19:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-12 19:14 - 2020-10-12 19:20 - 000014347 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE
2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE
2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe
2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE
2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE
2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE
2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE
2020-10-11 23:04 - 2020-10-12 19:41 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves
2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE
2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe
2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe
2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe
2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV
2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe
2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf
2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell
2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe
2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf
2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE
2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 12:36 - 2020-10-12 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:48 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-10-12 19:48 - 2019-01-30 23:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-12 19:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 19:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 19:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-10-12 19:42 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-12 19:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 19:39 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-10-12 19:38 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 19:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 19:36 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-10-12 19:29 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-12 18:53 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel
2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell
2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell
2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr
2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc
2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt
2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== Files in the root of some directories ========

2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#217
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 19:47:16)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {88ED97AE-1C6D-4D2A-9146-CCA89DD15351} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EEF8BDB-7F61-42CC-AAB2-4D3F723DAA43} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {E38E129F-E321-4A15-B8F3-5D84AD3E8B3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1

FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-10-12]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:47 - 2020-10-12 19:49 - 000023804 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-10-12 19:42 - 2020-10-12 19:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-12 19:40 - 2020-10-12 19:40 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-10-12 19:40 - 2020-10-12 19:40 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-10-12 19:22 - 2020-10-12 19:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-12 19:14 - 2020-10-12 19:20 - 000014347 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE
2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE
2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe
2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE
2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE
2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE
2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE
2020-10-11 23:04 - 2020-10-12 19:41 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves
2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE
2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe
2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe
2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe
2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV
2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe
2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf
2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell
2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe
2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf
2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE
2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 12:36 - 2020-10-12 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:48 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-10-12 19:48 - 2019-01-30 23:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-12 19:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 19:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 19:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-10-12 19:42 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-12 19:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 19:39 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-10-12 19:38 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 19:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 19:36 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-10-12 19:29 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-12 18:53 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel
2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell
2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell
2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr
2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc
2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt
2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== Files in the root of some directories ========

2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#218
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 19:47:16)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {88ED97AE-1C6D-4D2A-9146-CCA89DD15351} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EEF8BDB-7F61-42CC-AAB2-4D3F723DAA43} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {E38E129F-E321-4A15-B8F3-5D84AD3E8B3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1

FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-10-12]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:47 - 2020-10-12 19:49 - 000023804 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-10-12 19:42 - 2020-10-12 19:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-12 19:40 - 2020-10-12 19:40 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-10-12 19:40 - 2020-10-12 19:40 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-10-12 19:22 - 2020-10-12 19:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-12 19:14 - 2020-10-12 19:20 - 000014347 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE
2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE
2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe
2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE
2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE
2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE
2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE
2020-10-11 23:04 - 2020-10-12 19:41 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves
2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE
2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe
2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe
2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe
2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV
2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe
2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf
2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell
2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe
2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf
2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE
2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 12:36 - 2020-10-12 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:48 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-10-12 19:48 - 2019-01-30 23:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-12 19:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 19:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 19:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-10-12 19:42 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-12 19:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 19:39 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-10-12 19:38 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 19:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 19:36 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-10-12 19:29 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-12 18:53 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel
2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell
2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell
2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr
2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc
2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt
2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== Files in the root of some directories ========

2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#219
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Am hitting post but it doesn't! …On laptop for logs
  • 0

#220
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Am hitting post but it doesn't! …On laptop for logs
  • 0

Advertisements


#221
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Am hitting post but it doesn't! …On laptop for logs
  • 0

#222
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 19:47:16)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {88ED97AE-1C6D-4D2A-9146-CCA89DD15351} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EEF8BDB-7F61-42CC-AAB2-4D3F723DAA43} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {E38E129F-E321-4A15-B8F3-5D84AD3E8B3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1

FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-10-12]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:47 - 2020-10-12 19:49 - 000023804 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-10-12 19:42 - 2020-10-12 19:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-12 19:40 - 2020-10-12 19:40 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-10-12 19:40 - 2020-10-12 19:40 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-10-12 19:22 - 2020-10-12 19:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-12 19:14 - 2020-10-12 19:20 - 000014347 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE
2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE
2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe
2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE
2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE
2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE
2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE
2020-10-11 23:04 - 2020-10-12 19:41 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves
2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE
2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe
2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe
2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe
2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV
2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe
2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf
2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell
2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe
2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf
2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE
2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 12:36 - 2020-10-12 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-12 19:48 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-10-12 19:48 - 2019-01-30 23:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-10-12 19:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 19:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 19:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-10-12 19:42 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-10-12 19:42 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-12 19:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 19:39 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-10-12 19:38 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 19:37 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 19:36 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-10-12 19:29 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-12 18:53 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel
2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell
2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell
2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr
2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc
2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt
2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== Files in the root of some directories ========

2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#223
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Sorry. Everything went south. Looks now like they were sent after all. Laptop won't Enter or type. I'll reboot again.
  • 0

#224
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,549 posts
  • MVP

You have to use a different method for Safe Mode with Win 10.  Search for

msconfig

hit Enter

click on Boot tab.  Click on Safe Boot then OK and Reboot.  It should automatically go into Safe Mode.  WARNING:  the PIN number system does not work in Safe Mode so make sure you know your password before you try it.  Once in Safe Mode go back into msconfig and uncheck Safe Boot then OK but don't reboot until you are done.

 

Panda should now install  anyway without Avira's program but we can  let FRST do the same task if you still need it:

Put

avira

in the FRST search Box and hit Search Registry and it will create one log.  Please post.


  • 0

#225
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
I installed an updated HD Graphics Card hoping it would enable me to type. It did for a while but then froze on the password screen. Rebooted. Typing BUT the Microsoft/Skype/Hotmail password for the PIN is flagging as incorrect - even though it is. Somewhat stuffed…
  • 0






Similar Topics


Also tagged with one or more of these keywords: windows 10, password login, fake login screen

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP