
Laptop lagging, sometimes freezing [Solved]


#1
cyncyn


Good afternoon,

 

My laptop recently started to really lag, sometimes taking minutes to completely open a file. I have tried Malwarebytes and am running Avast. I am not sure if this is malware, spyware or a virus. Am looking for some insights. Thanks in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Ran by c-lon (administrator) on DESKTOP-DB4P197 (Dell Inc. Inspiron 5575) (13-03-2022 17:46:42)
Running from C:\Users\c-lon\Desktop
Loaded Profiles: c-lon & Cyn Cyn
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334730.inf_amd64_8c38871372c5f622\B334632\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506144 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [340480 2018-08-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-18] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2021-08-26] (Corel Corporation -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-26] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [Amazon Music Helper] => C:\Users\c-lon\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-10-25] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [Amazon Music] => C:\Users\c-lon\AppData\Local\Amazon Music\Amazon Music.exe [21073496 2021-10-25] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [AvastBrowserAutoLaunch_0F27AC765C4098D4FBB1F4992268E694] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-910738987-1615835283-943984240-1007\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Cyn Cyn\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-910738987-1615835283-943984240-1007\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Cyn Cyn\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\Installer\chrmstp.exe [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2022-02-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3783F500-588D-4A01-8085-2CE4454F173E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {43B02258-0EE4-4FA2-8A9C-F9A02F3F560A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44CAABAA-4609-4A19-A40B-AA780E1A843F} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {451FDECC-98B9-4BA6-9590-E6F580D375E3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {4733483F-EE61-4C24-B3B4-782C95EDE04D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {4770FF4D-E9AF-4087-AA06-512BE42AC068} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {478B7010-B4E7-4BCA-9728-DDB492AB0002} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2018-10-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {53B15E23-4003-4D3F-9EED-D9DFC9275E2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-07] (Avast Software s.r.o. -> Avast Software)
Task: {5B6EADEA-01C9-4BE6-9106-BEB3E5DE2308} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {5D769CCB-06CC-4DE2-B7AF-BEA1B3DC0D3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-24] (Google Inc -> Google LLC)
Task: {62624DA8-A6ED-4B20-98D3-C508EED424F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70225F4D-7933-4A43-B346-1693F0759DD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-24] (Google Inc -> Google LLC)
Task: {802B5DBE-CE0D-4773-A002-A6FF6C10A92E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
Task: {838D2BCB-BE57-41ED-950C-4123EA0431B1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-10-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {854391D5-F98B-4CCE-B6A9-EE3E12829663} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {B53C9168-4196-4C49-85C5-8C1C0FF82D76} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-18] (Corel Corporation -> Corel Corporation)
Task: {C346CEE8-EC24-459B-BEDB-71DFF56FE153} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D1185B6D-D880-4D48-B71E-2B92DE4505C1} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-18] (Corel Corporation -> Corel Corporation)
Task: {DACF56A5-0F29-41D6-8799-3CF64E6DA73E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E3C918FA-27B3-441F-BF06-EB94921FFA7A} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2021-08-18] (Corel Corporation -> Corel Corporation)
Task: {E7466F4E-097B-4952-94E1-4887E1F5DD25} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {F709AAB1-A6E0-41B1-A234-BB8CA798846B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{251de530-82c8-4504-8a58-49daeede40df}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c6ffba44-8532-4ef4-b6c1-fbc6b7d38f1c}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
DownloadDir: C:\Users\c-lon\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\c-lon\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-30]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\c-lon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default [2022-03-13]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://goodluckfrog.com; hxxps://mp3download.to; hxxps://www.allfreesewing.com; hxxps://www.couponing101.com; hxxps://www.eventbrite.com; hxxps://www.evernote.com; hxxps://www.facebook.com; hxxps://www.instacart.com; hxxps://www.netflix.com; hxxps://www.skinnytaste.com; hxxps://www.wholesomeyum.com; hxxps://www.wish.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-24]
CHR Extension: (File Converter) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\alblmaecejifbilchdofkdanifpmnmfk [2019-05-17]
CHR Extension: (Docs) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-24]
CHR Extension: (Google Drive) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-24]
CHR Extension: (HelloFax) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2019-04-24]
CHR Extension: (Twitter Media Assist) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cledppeceojodgghbbkaciochldmpdfk [2021-07-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2022-03-06]
CHR Extension: (Search by Image (by Google)) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2019-04-24]
CHR Extension: (Gom VPN - App to bypass blocked sites) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eelphgpfmjhndihoopgadghfonahifel [2019-04-24]
CHR Extension: (TastyPlug) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\faccgibalfdoihmenknhpfhldkmgaang [2019-04-24]
CHR Extension: (Sheets) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-24]
CHR Extension: (Notepad) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2021-05-28]
CHR Extension: (Google Docs Offline) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-09]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-07-21]
CHR Extension: (Save to Google Drive) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2021-09-16]
CHR Extension: (Pinterest Save Button) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-03]
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2021-11-04]
CHR Extension: (Enable right click) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2019-04-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-03]
CHR Extension: (Tumblr Optimiser) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilaebdchnmobmcalandfmfmlneeghoag [2019-04-24]
CHR Extension: (Dropbox) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-04-24]
CHR Extension: (Cisco Webex Extension) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-12-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2022-02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (ColorPick Eyedropper) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2020-12-21]
CHR Extension: (Evernote Web Clipper) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2022-03-09]
CHR Extension: (Gmail) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-13]
CHR Profile: C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-02-21]
CHR Extension: (Slides) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-16]
CHR Extension: (Docs) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-16]
CHR Extension: (Google Drive) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-16]
CHR Extension: (YouTube) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-16]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-21]
CHR Extension: (Sheets) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16]
CHR Extension: (Gmail) - C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-16]
CHR Profile: C:\Users\c-lon\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8482384 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563992 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\elevation_service.exe [1893872 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [312864 2017-07-20] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{2BFE57AC-AAA8-4C39-9C9E-C151B95F670E} [21312 2020-11-02] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-12] (Dell Inc -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [398792 2019-02-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-22] (Malwarebytes Inc -> Malwarebytes)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [226328 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368664 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267904 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [545784 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [854272 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [550376 2022-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2022-02-21] (Avast Software s.r.o. -> AVAST Software)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22848 2017-10-13] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-03-13] (Malwarebytes Inc -> Malwarebytes)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-13] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-03-13 17:46 - 2022-03-13 17:49 - 000034946 _____ C:\Users\c-lon\Desktop\FRST.txt
2022-03-13 17:46 - 2022-03-13 17:46 - 000000000 ____D C:\Users\c-lon\Desktop\FRST-OlderVersion
2022-03-13 17:45 - 2022-03-13 17:48 - 000000000 ____D C:\FRST
2022-03-13 17:43 - 2022-03-13 17:46 - 002364928 _____ (Farbar) C:\Users\c-lon\Desktop\FRST64.exe
2022-03-13 17:43 - 2022-03-13 17:44 - 000000000 ____D C:\Users\c-lon\Desktop\COMPUTER FIX
2022-03-13 17:34 - 2022-03-13 17:34 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-03-12 13:11 - 2022-03-12 13:11 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-03-12 13:11 - 2022-03-12 13:11 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-03-11 18:44 - 2022-03-11 18:45 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2022-03-10 15:25 - 2022-03-10 15:25 - 001056206 _____ C:\Users\c-lon\Documents\IMG_20220310_0001.pdf
2022-03-10 12:36 - 2022-03-10 12:36 - 000000000 ____D C:\Users\c-lon\AppData\Local\SolidDocuments
2022-03-09 12:39 - 2022-03-09 12:39 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-09 12:37 - 2022-03-09 12:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-09 12:36 - 2022-03-09 12:36 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-09 12:33 - 2022-03-09 12:33 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-09 12:32 - 2022-03-09 12:32 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-09 10:52 - 2022-03-09 10:52 - 000000000 ___HD C:\$WinREAgent
2022-03-08 21:24 - 2022-03-08 21:27 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-08 21:24 - 2022-03-08 21:27 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-03-08 21:22 - 2022-03-08 21:22 - 000000000 ____D C:\Program Files\Adobe
2022-03-08 21:21 - 2022-03-08 21:22 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-03-08 20:52 - 2022-03-08 20:52 - 000423728 _____ C:\Users\c-lon\Documents\IMG_20220308_0002.pdf
2022-03-08 20:50 - 2022-03-08 20:50 - 000423000 _____ C:\Users\c-lon\Documents\IMG_20220308_0001.pdf
2022-03-03 09:00 - 2022-03-03 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-02 14:05 - 2022-03-02 14:05 - 001431046 _____ C:\Users\c-lon\Documents\Londini - Request for Eligiility Review.pdf
2022-02-28 20:57 - 2022-03-10 15:29 - 000000000 ____D C:\Users\c-lon\Documents\COURT
2022-02-26 10:59 - 2022-02-26 10:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-02-26 10:59 - 2022-02-26 10:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-02-26 10:59 - 2022-02-26 10:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-02-26 10:59 - 2022-02-26 10:59 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-02-22 14:25 - 2022-02-22 14:25 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-21 13:47 - 2022-02-21 13:46 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-02-21 13:47 - 2022-02-21 13:46 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-03-13 17:52 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-13 17:41 - 2019-04-25 07:39 - 000000000 ____D C:\Users\c-lon\AppData\Local\D3DSCache
2022-03-13 17:36 - 2019-04-24 20:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-13 17:29 - 2020-11-02 02:48 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-13 17:29 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-13 17:25 - 2020-11-02 02:32 - 000000000 ____D C:\Users\c-lon
2022-03-13 17:23 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-13 17:22 - 2020-11-02 03:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-13 17:21 - 2020-11-02 02:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-13 17:21 - 2020-11-02 02:21 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-13 17:21 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-13 17:04 - 2021-07-31 13:25 - 000000000 ____D C:\Users\c-lon\AppData\LocalLow\IGDump
2022-03-13 16:58 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-13 16:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-13 16:47 - 2020-11-02 03:27 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4001689B-1D3C-43F0-98CE-6AF9DD4DCD2E}
2022-03-12 13:12 - 2020-11-02 03:27 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-03-12 13:11 - 2020-06-21 16:46 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-12 13:09 - 2021-04-21 17:17 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-03-12 13:09 - 2021-04-21 17:17 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-03-12 13:06 - 2019-12-07 05:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-03-12 12:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-12 12:13 - 2020-07-10 22:43 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-12 12:13 - 2020-07-10 22:43 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-11 16:14 - 2021-12-12 15:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-910738987-1615835283-943984240-1001
2022-03-11 16:14 - 2020-11-02 03:27 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-910738987-1615835283-943984240-1001
2022-03-11 16:14 - 2020-11-02 02:32 - 000002381 _____ C:\Users\c-lon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 08:48 - 2021-04-21 17:17 - 000003896 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-03-11 08:48 - 2021-04-21 17:17 - 000003664 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-03-10 17:25 - 2020-06-21 16:56 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-03-10 15:25 - 2019-06-22 21:59 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-03-10 12:36 - 2019-04-24 20:24 - 000000000 ____D C:\Users\c-lon\AppData\Roaming\Adobe
2022-03-10 12:16 - 2022-02-02 18:49 - 000267704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-10 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-10 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-10 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-10 12:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-10 12:07 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-10 12:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-10 12:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-10 12:07 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-10 01:32 - 2021-07-31 16:32 - 000000000 ____D C:\Users\Cyn Cyn
2022-03-09 17:44 - 2020-09-30 17:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-09 12:32 - 2020-11-02 02:27 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-09 10:51 - 2019-04-25 07:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 10:46 - 2019-04-25 07:45 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-09 08:34 - 2020-11-27 23:17 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b0e3fa71ab02
2022-03-09 08:34 - 2020-11-02 03:27 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-08 21:27 - 2020-11-02 03:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-08 21:21 - 2019-09-13 20:25 - 000000000 ____D C:\ProgramData\Adobe
2022-03-08 09:44 - 2019-04-24 20:49 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-08 09:44 - 2019-04-24 20:49 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-07 16:03 - 2019-09-07 14:46 - 000000000 ____D C:\Users\c-lon\AppData\Local\ElevatedDiagnostics
2022-03-06 22:48 - 2021-11-20 13:38 - 000002694 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2022-03-06 22:48 - 2021-11-20 13:38 - 000002692 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2022-03-06 22:48 - 2021-11-20 13:38 - 000002692 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2022-03-06 22:48 - 2021-11-11 18:54 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2022-03-06 22:48 - 2021-07-31 17:32 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-910738987-1615835283-943984240-1007
2022-03-06 22:48 - 2020-11-02 03:27 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-03-06 22:48 - 2020-11-02 03:27 - 000003270 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-03-06 22:48 - 2020-11-02 03:27 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-06 22:48 - 2020-11-02 03:27 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-03-06 22:48 - 2020-11-02 03:27 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-03-06 22:48 - 2020-11-02 03:27 - 000002116 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-03-06 22:48 - 2020-11-02 03:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-03-03 10:04 - 2021-03-24 10:43 - 000015067 _____ C:\Users\c-lon\Documents\P Secrets (version 1) (version 1).xlsb.xlsx
2022-03-03 09:01 - 2021-04-21 17:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-03-03 08:35 - 2020-06-21 16:51 - 000550376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-02-24 14:26 - 2019-06-18 19:08 - 000000000 ____D C:\Program Files\UNP
2022-02-22 14:25 - 2021-01-19 19:51 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-22 14:25 - 2021-01-19 19:51 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-22 14:23 - 2021-01-19 19:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-22 14:23 - 2021-01-19 19:50 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-21 13:50 - 2020-06-21 16:51 - 000368664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-02-21 13:50 - 2020-06-21 16:51 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-02-21 13:47 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-21 13:46 - 2020-10-25 19:20 - 000267904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-02-21 13:46 - 2020-08-26 07:37 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000854272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000545784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000226328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-02-21 13:46 - 2020-06-21 16:51 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-02-14 22:06 - 2020-09-30 17:11 - 000600944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-14 22:06 - 2020-09-30 17:11 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
 
==================== Files in the root of some directories ========
 
2021-05-28 22:39 - 2021-05-28 22:39 - 000000000 _____ () C:\Users\c-lon\AppData\Local\{4D053284-DF06-4976-AB31-901950E18CC9}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2022
Ran by c-lon (13-03-2022 17:57:35)
Running from C:\Users\c-lon\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2020-11-02 07:31:32)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-910738987-1615835283-943984240-500 - Administrator - Disabled)
c-lon (S-1-5-21-910738987-1615835283-943984240-1001 - Administrator - Enabled) => C:\Users\c-lon
Cyn Cyn (S-1-5-21-910738987-1615835283-943984240-1007 - Administrator - Enabled) => C:\Users\Cyn Cyn
DefaultAccount (S-1-5-21-910738987-1615835283-943984240-503 - Limited - Disabled)
Guest (S-1-5-21-910738987-1615835283-943984240-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-910738987-1615835283-943984240-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4K YouTube to MP3 (HKLM\...\{1B17CC62-28CB-4CF0-BA35-ED928F1E5AE8}) (Version: 4.4.4.4720 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{9665561d-38a9-4ad1-ac28-9f58f04ad4c0}) (Version: 4.3.1.4540 - Open Media LLC)
Acoustica Mixcraft 8 Home Studio  (HKLM-x32\...\Mixcraft 8 Home Studio-32) (Version: 8.0.1.418 - Acoustica)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Amazon Kindle (HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
Amazon Music (HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Amazon Amazon Music) (Version: 8.8.1.2303 - Amazon.com Services LLC)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.1011.0214.4026 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.1.2504 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 98.1.14514.103 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.2 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version:  - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MG3600 series User Registration (HKLM-x32\...\Canon MG3600 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Chord Pickout 3.0 (HKLM-x32\...\Chord Pickout) (Version: 3.0 - ChordPickout.com)
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{98962E99-9DC0-4B16-9D48-2EED1F5D117E}) (Version: 1.2.6577 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.0.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.4.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 143.4.4161 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Fire Toolbox V25.0 version   (HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\{BDBE8E23-DD1B-4AC8-B5C3-D3AB4FEDAFF9}_is1) (Version:   - Datastream33)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.600 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.51 - Google LLC)
iCloud (HKLM\...\{576BC8FA-1891-47C8-8A23-F3DDB78C06DE}) (Version: 7.15.0.10 - Apple Inc.)
Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9434.5 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.39 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\OneDriveSetup.exe) (Version: 22.033.0213.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-910738987-1615835283-943984240-1007\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
TurboTax 2020 (HKLM-x32\...\TurboTax 2020) (Version: 2020.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VSDC Free Audio Converter version 1.6.5.353 (HKLM-x32\...\VSDC Free Audio Converter_is1) (Version: 1.6.5.353 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 10.38 - NCH Software)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinZip 26.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2413B}) (Version: 26.0.14610 - Corel Corporation)
WinZip 26.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2413D}) (Version: 26.0.14611 - Corel Corporation)
Zoom (HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.5.381.0_x64__ynb6jyjzte8ga [2022-02-11] (Adobe Inc.)
Bible -> C:\Program Files\WindowsApps\LifeChurch.tv.Bible_2.0.4.37_neutral__d1phjsdba8cbj [2019-07-27] (LifeChurch.tv)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.75.1.0_x64__kgqvnymyfvs32 [2022-03-01] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2220.2.0_x64__kgqvnymyfvs32 [2022-03-06] (king.com)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.5.0_x64__htrsf667h5kn2 [2022-02-11] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2022-02-11] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2022-02-11] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-11-04] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2022-03-10] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.4.18.0_x86__htrsf667h5kn2 [2021-11-14] (Dell Inc)
HD Movie Maker - PRO -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-PRO_3.4.6.0_x64__bzg06mxvgh4fa [2022-02-09] (V3TApps)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa [2022-03-10] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-04-25] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-02-14] (McAfee LLC.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-28] (CYBERLINK CORPORATION.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-24] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-24] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14827.20198.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.6.0_x64__bzg06mxvgh4fa [2022-02-11] (V3TApps)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.92.17.0_x64__htrsf667h5kn2 [2022-02-11] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.)
PDF Reader - View, Edit, Share -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.17.1.0_x64__jhretta7p24aw [2022-02-14] (Kdan Mobile Software Ltd.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-13] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-04-25] (CYBERLINK CORPORATION.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-01-26] (Adobe Systems Incorporated)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-31] (Rivet Networks LLC)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2022-02-11] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0 [2022-03-03] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-03-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-910738987-1615835283-943984240-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-02-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-02-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2021-08-18] (Corel Corporation -> WinZip Computing)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\c-lon\Desktop\Cindy - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\c-lon\Desktop\Pinterest.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ajinkohnfhbdebdnggdbjkgjflfhcnkk
ShortcutWithArgument: C:\Users\c-lon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gom VPN - App to bypass blocked sites.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eelphgpfmjhndihoopgadghfonahifel
ShortcutWithArgument: C:\Users\c-lon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pinterest.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ajinkohnfhbdebdnggdbjkgjflfhcnkk
 
==================== Loaded Modules (Whitelisted) =============
 
2018-09-13 16:36 - 2018-09-13 16:36 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-09-13 16:36 - 2018-09-13 16:36 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-12-07 05:53 - 2019-12-07 05:53 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2019-06-22 22:15 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2022-02-10 04:34 - 2022-02-10 04:34 - 000223744 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.618c5f21#\79d242da75837bceeff2b57fb4798dcf\Intuit.Spc.Esd.Client.DataAccess.ni.dll
2022-02-10 04:34 - 2022-02-10 04:34 - 000252416 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.820cb8f8#\b4e79e627981462fd20dd6b424b32be4\Intuit.Spc.Esd.Client.Common.ni.dll
2022-02-10 04:34 - 2022-02-10 04:34 - 001133568 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.8e5e058c#\8035471dad2a0de52755a9272e990964\Intuit.Spc.Esd.WinClient.Api.Net.ni.dll
2022-02-10 04:34 - 2022-02-10 04:34 - 000749568 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.e37652b5#\1a75b86e7afb5e9057b77388d6ea36d2\Intuit.Spc.Map.Reporter.ni.dll
2022-02-10 04:34 - 2022-02-10 04:34 - 000867328 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.Esd.Core\31227a14bee1b914abfb4ae7531851e7\Intuit.Spc.Esd.Core.ni.dll
2021-11-12 19:59 - 2021-11-12 19:59 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 001413120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-10-11 03:12 - 2018-10-11 03:12 - 005785088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 006304256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 076168704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 005591552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-09-13 16:36 - 2018-09-13 16:36 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-910738987-1615835283-943984240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-910738987-1615835283-943984240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-910738987-1615835283-943984240-1001 -> DefaultScope {3D43CF28-E16F-412F-B74A-408AF9CF42CF} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 19:38 - 2020-06-21 16:41 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-910738987-1615835283-943984240-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-910738987-1615835283-943984240-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "InstallHelper"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_0F27AC765C4098D4FBB1F4992268E694"
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{04DA7F4E-A148-44EB-A540-A84DD7587478}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{FEF4B8E0-7ACC-4090-895C-99AB606BBF91}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2432AD01-00BA-45A7-BDBF-9D30C3A9946F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E62D22F4-8C59-403D-B584-D6AFEA59CF05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B3A76838-F656-4ED3-A20E-711824D954A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6805275C-9E33-4721-BDA7-7867DCE4D778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E511A86-8CAE-4072-B050-BD1FAFCD3E2A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BAED4CA8-D1DD-4B84-AFF9-4A9BD07BC3A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{542C1937-64ED-4975-9CD9-B00A4755F346}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8C242C28-D30B-452A-AECF-66E3FEA4E966}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{AA7DD2D0-B516-4F9B-8794-83922BDF800F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{B1205DC3-049D-4A97-BC2A-ED22BC12663B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EE5DF952-6BFE-43CF-95D3-1D5172AE7400}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{4B0DDC24-7F4D-40FC-9366-AB96EC2A03D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File
FirewallRules: [{EC3B9ECC-6AFE-43C6-B936-F4D64EF5D692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File
FirewallRules: [{0C1E26ED-DC62-4D18-8328-B8B42C878FC4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{7D5EEB75-68B8-41D0-B91E-778105799D4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{C7869DC3-DFA6-43DA-9B2C-644444DD10AE}C:\users\c-lon\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\c-lon\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{928F4309-8D56-44E9-8594-74CC07AB9ED2}C:\users\c-lon\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\c-lon\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{027671B1-563E-46D8-96A6-BA09DC8E63DF}] => (Allow) C:\Program Files (x86)\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{5043B9F9-C2F2-4481-9312-C182C9168F14}] => (Allow) C:\Program Files (x86)\FlashIntegro\AudioConverter\AudioConverter.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{D0F00482-EF33-4953-B82F-ACFE01E4C47A}] => (Allow) C:\Program Files (x86)\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{5AF1601B-4D19-4E9D-B023-7E6E4E21B7D6}] => (Allow) C:\Program Files (x86)\FlashIntegro\AudioConverter\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{347B0A05-C538-49EC-8251-9E27E8B83AB2}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [{A517E7C1-7CDB-4863-AA75-6A7A8033C0E4}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{E08AC6CE-0055-470A-B0D5-50C0D6047771}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{90513879-9B06-43B8-95BE-FB05C720049E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20250.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{E777C6E8-489F-4519-8D41-7B009116F5E1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E9BCD568-591C-4FB1-933C-EC8950C8291A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{70EDF7DD-359F-495E-90F4-E7993E4873A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14326.20348.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{2D12FBAE-585C-420D-BD85-43F41F0DD2E2}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{94F9C25F-5F84-40B1-A3D9-3D01A0CCA572}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{17E60711-F956-428D-A273-FD4F3070BA05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{94C0B1EA-8226-4109-952B-FC1FF607991D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C680692B-CD5A-4FAC-8395-5C0E1ADC65CC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4EA8B33F-613F-4F3F-A19B-A437255FF20C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14527.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{4EC05A0F-0448-41A2-ABEB-A0A73A1696AA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{AE725D88-5E00-4209-A4D6-EA530A02E05C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{36B49FEF-5C2B-4E83-A15C-3A22F1C8D212}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{C3250DDE-EDFE-4DE2-9F83-86EF321E5C23}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{1DFCDF62-6A8D-47E1-9057-D1A5FBD4D28D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{92A2B299-E6E7-46D2-8C7F-952F967663E0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{C943F601-08E4-4662-A5AD-A5915C1DDBC2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{861ABEEF-294E-401F-AF99-AEABBC13FB58}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C2BC3D35-1F02-4410-96D5-C803C178CA7E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ECCE180A-D708-450D-AEA7-E38A8D4F6FC4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1274A41-D9E4-4849-88C3-9B6025CE4035}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20248.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{90928954-A631-408D-8C4F-02690689692F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{E8D7C90C-A8FB-4286-B0B1-8FB7F137481E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0565A8B8-8E30-4A6F-9DC6-830148199AFD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{07C39D0C-364F-44E0-AD63-9563E243D3C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14729.20260.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{199CC5F0-68A7-4F10-B788-ACCF733D8200}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14827.20192.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{290C715C-151B-4177-B8CB-4BFA72DEFC1E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC8A3945-BC5B-4104-ADAC-1C03CD635D78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C906F32-28EA-4B8F-8BD3-932A3AA97EEE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6DBBCF9-BB48-441C-B2B0-5DDDFE620461}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1FC8B9A-6372-4CCF-B59D-ED024934D2F4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1749930C-1261-491E-A034-4A9257D1DE62}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{03124DC3-77C0-41DF-8BE6-3FC0776677C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14827.20198.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC071BE4-A9CF-46F4-B2B3-EF9B49CE7D77}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{7581F596-CF0D-4C98-BA42-87FDA81336C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0F78BE8C-B541-4F77-90F6-0EE2A7F50EEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BC0BF0F-03B0-4F3C-A28F-3AEF54DCE773}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC4FB692-CC67-4D1E-ABAC-438B9997EFC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A9CEDF7-8BD5-4888-9163-F60A8D5E6BDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{24D0BD5C-1EC9-4DC9-A7E2-3445AC4D43AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82F8DEE7-E7DA-461C-AA2D-8AFE1BE0A366}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CAD3893-2F32-4868-B627-1BBC5B1D35C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{38CC5888-7B3A-4EE5-A155-A23C3A026464}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3F115690-FA30-45C9-B124-E5615BD366DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4500C722-4BFF-42D7-99DE-05027EB314F9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7117FB56-0C5D-4DDA-8F79-781B54E66E51}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47F3C6AB-BCA4-4A3E-94FC-B6B00BACD521}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3BE86E47-57D4-4BB0-8450-A20ECD718DD3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D27E5B5-E4E0-4F58-8F9C-4634207D252D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CAA89870-D60C-4458-AF34-8AF0FFB94049}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6A6EDE8E-5237-4931-8FE4-F56BD173C0E0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12123.5.56009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8FCD956-4CCC-4950-B5C2-9E845DE12E41}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
 
==================== Restore Points =========================
 
01-03-2022 15:16:19 Scheduled Checkpoint
09-03-2022 10:52:47 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/13/2022 05:39:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Cortana.exe version 3.2202.10603.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2928
 
Start Time: 01d8372170c011ac
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
 
Report Id: 9a160362-0017-43ea-a283-b2e7d98bfb7e
 
Faulting package full name: Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (03/12/2022 01:03:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.19041.1566, time stamp: 0x1f37eb46
Faulting module name: ntdll.dll, version: 10.0.19041.1566, time stamp: 0x1be73aa8
Exception code: 0xcfffffff
Fault offset: 0x000000000009d8c4
Faulting process id: 0x1274
Faulting application start time: 0x01d8349a291d7cfb
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 0de5fecf-817a-4c25-a027-abb26ca4446c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/12/2022 01:03:49 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: The COM+ Event System could not marshal the subscriber for subscription {4AE254B7-6694-4880-9F16-497B1D51AF40}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.  The HRESULT was 8007071a.
 
Error: (03/12/2022 12:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DB4P197.local already in use; will try DESKTOP-DB4P197-2.local instead
 
Error: (03/12/2022 12:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-DB4P197.local. Addr 192.168.1.104
 
Error: (03/12/2022 12:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.104:5353   16 DESKTOP-DB4P197.local. AAAA 2603:9001:6D03:84B5:F8C8:0D05:60E6:0745
 
Error: (03/12/2022 12:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-DB4P197.local. AAAA FE80:0000:0000:0000:D972:701F:9602:771A
 
Error: (03/12/2022 12:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.104:5353   16 DESKTOP-DB4P197.local. AAAA 2603:9001:6D03:84B5:F8C8:0D05:60E6:0745
 
 
System errors:
=============
Error: (03/13/2022 05:31:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Data Vault Processor service hung on starting.
 
Error: (03/13/2022 05:27:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server Windows.Internal.StateRepository.FileTypeAssociation did not register with DCOM within the required timeout.
 
Error: (03/13/2022 05:27:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AppX Deployment Service (AppXSVC) service depends on the State Repository Service service which failed to start because of the following error: 
After starting, the service hung in a start-pending state.
 
Error: (03/13/2022 05:27:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The State Repository Service service hung on starting.
 
Error: (03/13/2022 05:24:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server Windows.Internal.StateRepository.ApplicationExtension did not register with DCOM within the required timeout.
 
Error: (03/13/2022 05:22:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NcbService service terminated with the following error: 
A device attached to the system is not functioning.
 
Error: (03/13/2022 05:22:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:46:36 PM on ‎3/‎13/‎2022 was unexpected.
 
Error: (03/12/2022 01:11:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server Windows.Internal.StateRepository.ApplicationExtension did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2022-01-14 09:52:10
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-01-13 22:25:10
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-01-13 22:03:59
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-01-13 20:58:13
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-01-11 22:29:14
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2021-10-14 01:00:02
Description: 
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80070013
Error description: The media is write protected. 
Security intelligence version: 1.327.190.0;1.327.190.0
Engine version: 1.1.17600.5
 
Date: 2021-10-14 00:59:52
Description: 
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted 
Security intelligence version: 1.349.875.0;1.349.875.0
Engine version: 1.1.18500.10
 
Date: 2021-09-16 21:24:16
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.327.190.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17600.5
Error code: 0x80070102
Error description: The wait operation timed out. 
 
CodeIntegrity:
===============
Date: 2022-03-13 17:36:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2022-03-13 17:25:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.1.6 07/26/2018
Motherboard: Dell Inc. 0DRVH0
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 36%
Total physical RAM: 16020.37 MB
Available physical RAM: 10184.33 MB
Total Virtual: 18452.37 MB
Available Virtual: 11303.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:916.69 GB) (Free:658.68 GB) NTFS
 
\\?\Volume{371a8eec-e156-4964-b81d-bca58ccc78f2}\ () (Fixed) (Total:0.97 GB) (Free:0.48 GB) NTFS
\\?\Volume{077e87b1-3f8f-4b31-a085-3ecdd3ea5ac8}\ (Image) (Fixed) (Total:12.03 GB) (Free:0.21 GB) NTFS
\\?\Volume{89e7f858-0cb3-4527-9aed-ee2ecc41edcb}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.22 GB) NTFS
\\?\Volume{4de0cf94-ca0e-48d5-a5cc-70711c8281cc}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ED7FFDE6)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 




#2
JSntgRvr

  • Global Moderator
  • 11,579 posts

Hi
 
Welcome :)
 
I'll be helping you with your computer.
 
Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.
 
Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, or running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)

  • Highlight the entire content of the quote box below.

Start:: 
SystemRestore: On 
CreateRestorePoint: 
CloseProcesses: 
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] 
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] 
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] 
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] 
 
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File) 
FirewallRules: [{04DA7F4E-A148-44EB-A540-A84DD7587478}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{FEF4B8E0-7ACC-4090-895C-99AB606BBF91}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{2432AD01-00BA-45A7-BDBF-9D30C3A9946F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{E62D22F4-8C59-403D-B584-D6AFEA59CF05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{8C242C28-D30B-452A-AECF-66E3FEA4E966}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File 
FirewallRules: [{AA7DD2D0-B516-4F9B-8794-83922BDF800F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File 
FirewallRules: [{B1205DC3-049D-4A97-BC2A-ED22BC12663B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{EE5DF952-6BFE-43CF-95D3-1D5172AE7400}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{4B0DDC24-7F4D-40FC-9366-AB96EC2A03D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File 
FirewallRules: [{EC3B9ECC-6AFE-43C6-B936-F4D64EF5D692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File 
FirewallRules: [{0C1E26ED-DC62-4D18-8328-B8B42C878FC4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File 
FirewallRules: [{7D5EEB75-68B8-41D0-B91E-778105799D4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File 
FirewallRules: [{347B0A05-C538-49EC-8251-9E27E8B83AB2}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File 
FirewallRules: [{A517E7C1-7CDB-4863-AA75-6A7A8033C0E4}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File 
FirewallRules: [{E08AC6CE-0055-470A-B0D5-50C0D6047771}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{90513879-9B06-43B8-95BE-FB05C720049E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20250.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{70EDF7DD-359F-495E-90F4-E7993E4873A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14326.20348.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{17E60711-F956-428D-A273-FD4F3070BA05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{4EA8B33F-613F-4F3F-A19B-A437255FF20C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14527.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{D1274A41-D9E4-4849-88C3-9B6025CE4035}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20248.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{90928954-A631-408D-8C4F-02690689692F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{07C39D0C-364F-44E0-AD63-9563E243D3C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14729.20260.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
2021-05-28 22:39 - 2021-05-28 22:39 - 000000000 _____ () C:\Users\c-lon\AppData\Local\{4D053284-DF06-4976-AB31-901950E18CC9} 
CMD: DISM.exe /Online /Cleanup-Image /Restorehealth
CMD: SFC /ScanNow
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R 
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R 
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R 
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R 
HOSTS:
Removeproxy:
CMD: fltmc instances
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
CMD: for /F "tokens=*" %i in ('wevtutil.exe el') DO wevtutil.exe cl "%i"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
EMPTYTEMP:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges.
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.
 
Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
  • When the scan has finished a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
  • Double click on the latest scan log (scan logs have a [S0*] suffix, where * is replaced by a number; the latest scan will have the largest number).
  • A Notepad file will open containing the results of the scan.

Please post the contents of the file in your next reply.



#3
cyncyn

  • Topic Starter
  • Member
  • 4 posts
Thank you so much for looking into this!
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 13-03-2022
Ran by c-lon (14-03-2022 18:56:52) Run:1
Running from C:\Users\c-lon\Desktop
Loaded Profiles: c-lon & Cyn Cyn
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
SystemRestore: On 
CreateRestorePoint: 
CloseProcesses: 
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] 
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] 
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] 
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] 
 
HKU\S-1-5-21-910738987-1615835283-943984240-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (No File) 
FirewallRules: [{04DA7F4E-A148-44EB-A540-A84DD7587478}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{FEF4B8E0-7ACC-4090-895C-99AB606BBF91}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{2432AD01-00BA-45A7-BDBF-9D30C3A9946F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{E62D22F4-8C59-403D-B584-D6AFEA59CF05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File 
FirewallRules: [{8C242C28-D30B-452A-AECF-66E3FEA4E966}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File 
FirewallRules: [{AA7DD2D0-B516-4F9B-8794-83922BDF800F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File 
FirewallRules: [{B1205DC3-049D-4A97-BC2A-ED22BC12663B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{EE5DF952-6BFE-43CF-95D3-1D5172AE7400}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{4B0DDC24-7F4D-40FC-9366-AB96EC2A03D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File 
FirewallRules: [{EC3B9ECC-6AFE-43C6-B936-F4D64EF5D692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe => No File 
FirewallRules: [{0C1E26ED-DC62-4D18-8328-B8B42C878FC4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File 
FirewallRules: [{7D5EEB75-68B8-41D0-B91E-778105799D4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File 
FirewallRules: [{347B0A05-C538-49EC-8251-9E27E8B83AB2}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File 
FirewallRules: [{A517E7C1-7CDB-4863-AA75-6A7A8033C0E4}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File 
FirewallRules: [{E08AC6CE-0055-470A-B0D5-50C0D6047771}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{90513879-9B06-43B8-95BE-FB05C720049E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20250.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{70EDF7DD-359F-495E-90F4-E7993E4873A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14326.20348.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{17E60711-F956-428D-A273-FD4F3070BA05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{4EA8B33F-613F-4F3F-A19B-A437255FF20C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14527.20234.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{D1274A41-D9E4-4849-88C3-9B6025CE4035}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20248.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{90928954-A631-408D-8C4F-02690689692F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14701.20262.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
FirewallRules: [{07C39D0C-364F-44E0-AD63-9563E243D3C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14729.20260.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
2021-05-28 22:39 - 2021-05-28 22:39 - 000000000 _____ () C:\Users\c-lon\AppData\Local\{4D053284-DF06-4976-AB31-901950E18CC9} 
CMD: DISM.exe /Online /Cleanup-Image /Restorehealth
CMD: SFC /ScanNow
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R 
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R 
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R 
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R 
HOSTS:
Removeproxy:
CMD: fltmc instances
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
CMD: for /F "tokens=*" %i in ('wevtutil.exe el') DO wevtutil.exe cl "%i"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
EMPTYTEMP:
 
*****************
 
SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"HKU\S-1-5-21-910738987-1615835283-943984240-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DA7F4E-A148-44EB-A540-A84DD7587478}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEF4B8E0-7ACC-4090-895C-99AB606BBF91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2432AD01-00BA-45A7-BDBF-9D30C3A9946F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E62D22F4-8C59-403D-B584-D6AFEA59CF05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C242C28-D30B-452A-AECF-66E3FEA4E966}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA7DD2D0-B516-4F9B-8794-83922BDF800F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1205DC3-049D-4A97-BC2A-ED22BC12663B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE5DF952-6BFE-43CF-95D3-1D5172AE7400}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B0DDC24-7F4D-40FC-9366-AB96EC2A03D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC3B9ECC-6AFE-43C6-B936-F4D64EF5D692}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C1E26ED-DC62-4D18-8328-B8B42C878FC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D5EEB75-68B8-41D0-B91E-778105799D4E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{347B0A05-C538-49EC-8251-9E27E8B83AB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A517E7C1-7CDB-4863-AA75-6A7A8033C0E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E08AC6CE-0055-470A-B0D5-50C0D6047771}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90513879-9B06-43B8-95BE-FB05C720049E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70EDF7DD-359F-495E-90F4-E7993E4873A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17E60711-F956-428D-A273-FD4F3070BA05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EA8B33F-613F-4F3F-A19B-A437255FF20C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1274A41-D9E4-4849-88C3-9B6025CE4035}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90928954-A631-408D-8C4F-02690689692F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07C39D0C-364F-44E0-AD63-9563E243D3C0}" => removed successfully
C:\Users\c-lon\AppData\Local\{4D053284-DF06-4976-AB31-901950E18CC9} => moved successfully
 
========= DISM.exe /Online /Cleanup-Image /Restorehealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.844
 
Image Version: 10.0.19043.1586
 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /ScanNow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
 
 
Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========
 
 
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SysWOW64\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
========= RemoveProxy: =========
 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-910738987-1615835283-943984240-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-910738987-1615835283-943984240-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-910738987-1615835283-943984240-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-910738987-1615835283-943984240-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
 
 
========= End of RemoveProxy: =========
 
 
========= fltmc instances =========
 
Filter                Volume Name                              Altitude        Instance Name       Frame   SprtFtrs  VlStatus
--------------------  -------------------------------------  ------------  ----------------------  -----   --------  --------
CldFlt                C:                                        180451     CldFlt                    0     00000007  
CldFlt                \Device\HarddiskVolumeShadowCopy1         180451     CldFlt                    0     00000007  
CldFlt                \Device\HarddiskVolumeShadowCopy2         180451     CldFlt                    0     00000007  
FileInfo              \Device\Harddisk0\DR0                      40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              C:                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              \Device\HarddiskVolumeShadowCopy1          40500     FileInfo                  0     00000007  
FileInfo              \Device\HarddiskVolumeShadowCopy2          40500     FileInfo                  0     00000007  
FileInfo              \Device\Mup                                40500     FileInfo                  0     00000007  
MBAMChameleon                                                   400900     MBAMChameleon             0     00000000  
MBAMChameleon         C:                                        400900     MBAMChameleon             0     00000000  
MBAMChameleon                                                   400900     MBAMChameleon             0     00000000  
MBAMChameleon                                                   400900     MBAMChameleon             0     00000000  
MBAMChameleon                                                   400900     MBAMChameleon             0     00000000  
MBAMChameleon         \Device\HarddiskVolumeShadowCopy1         400900     MBAMChameleon             0     00000000  
MBAMChameleon         \Device\HarddiskVolumeShadowCopy2         400900     MBAMChameleon             0     00000000  
MBAMFarflt            \Device\Harddisk0\DR0                     268150     MBAMFarflt                0     00000004  
MBAMFarflt                                                      268150     MBAMFarflt                0     00000004  
MBAMFarflt            C:                                        268150     MBAMFarflt                0     00000004  
MBAMFarflt                                                      268150     MBAMFarflt                0     00000004  
MBAMFarflt                                                      268150     MBAMFarflt                0     00000004  
MBAMFarflt                                                      268150     MBAMFarflt                0     00000004  
MBAMProtection        \Device\Harddisk0\DR0                     328800     MBAMProtection            0     00000004  
MBAMProtection                                                  328800     MBAMProtection            0     00000004  
MBAMProtection        C:                                        328800     MBAMProtection            0     00000004  
MBAMProtection                                                  328800     MBAMProtection            0     00000004  
MBAMProtection                                                  328800     MBAMProtection            0     00000004  
MBAMProtection                                                  328800     MBAMProtection            0     00000004  
MBAMProtection        \Device\HarddiskVolumeShadowCopy1         328800     MBAMProtection            0     00000004  
MBAMProtection        \Device\HarddiskVolumeShadowCopy2         328800     MBAMProtection            0     00000004  
MBAMProtection        \Device\Mup                               328800     MBAMProtection            0     00000004  
Wof                   C:                                         40700     Wof Instance              0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                   \Device\HarddiskVolumeShadowCopy1          40700     Wof Instance              0     00000007  
Wof                   \Device\HarddiskVolumeShadowCopy2          40700     Wof Instance              0     00000007  
aswMonFlt                                                       320700     aswMonFlt Instance        0     0000000f  
aswMonFlt             C:                                        320700     aswMonFlt Instance        0     0000000f  
aswMonFlt                                                       320700     aswMonFlt Instance        0     0000000f  
aswMonFlt                                                       320700     aswMonFlt Instance        0     0000000f  
aswMonFlt                                                       320700     aswMonFlt Instance        0     0000000f  
aswMonFlt             \Device\HarddiskVolumeShadowCopy1         320700     aswMonFlt Instance        0     0000000f  
aswMonFlt             \Device\HarddiskVolumeShadowCopy2         320700     aswMonFlt Instance        0     0000000f  
aswMonFlt             \Device\Mup                               320700     aswMonFlt Instance        0     0000000f  
aswSP                                                           388401     aswSP Instance            0     0000000f  
aswSP                 C:                                        388401     aswSP Instance            0     0000000f  
aswSP                                                           388401     aswSP Instance            0     0000000f  
aswSP                                                           388401     aswSP Instance            0     0000000f  
aswSP                                                           388401     aswSP Instance            0     0000000f  
aswSP                 \Device\HarddiskVolumeShadowCopy1         388401     aswSP Instance            0     0000000f  
aswSP                 \Device\HarddiskVolumeShadowCopy2         388401     aswSP Instance            0     0000000f  
aswSP                 \Device\NamedPipe                         388401     aswSP Instance            0     0000000f  
aswSnx                \Device\Harddisk0\DR0                     137600     aswSnx Instance           0     0000000f  
aswSnx                                                          137600     aswSnx Instance           0     0000000f  
aswSnx                C:                                        137600     aswSnx Instance           0     0000000f  
aswSnx                                                          137600     aswSnx Instance           0     0000000f  
aswSnx                                                          137600     aswSnx Instance           0     0000000f  
aswSnx                                                          137600     aswSnx Instance           0     0000000f  
aswSnx                \Device\Mup                               137600     aswSnx Instance           0     0000000f  
bindflt               C:                                        409800     bindflt Instance          0     00000007  
luafv                 C:                                        135000     luafv                     0     00000007  
npsvctrig             \Device\NamedPipe                          46000     npsvctrig                 0     00000000  
wcifs                 C:                                        189900     wcifs Instance            0     00000007  
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.
 
Unable to cancel {8D370D38-B360-434B-8842-5A775E1131C5}.
Unable to cancel {2519BBE2-2FA9-4785-AACC-AC7B3438A59E}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
 
========= for /F "tokens=*" %i in ('wevtutil.exe el') DO wevtutil.exe cl "%i" =========
 
 
========= End of CMD: =========
 
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\908a5ccc-0524-4756-ac51-dff27b38e751.tmp => moved successfully
C:\Windows\Temp\AdobeARM.log => moved successfully
C:\Windows\Temp\AdobeARM_Helper.log => moved successfully
C:\Windows\Temp\AdobeSFX.log => moved successfully
C:\Windows\Temp\APPX.549s_smhowx53806iq_7a92wb.tmp => moved successfully
C:\Windows\Temp\APPX.fx03wv1i6sdz69kbr3x30il0c.tmp => moved successfully
C:\Windows\Temp\APPX.rsbndizz3kdcp53dnvreogj4f.tmp => moved successfully
C:\Windows\Temp\APPX.tm153kdllixfgwdsmwwl7kxy.tmp => moved successfully
C:\Windows\Temp\AvastBrowser_installer.log => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\mbamiservice.log => moved successfully
C:\Windows\Temp\mb_errors999.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\TS_402D.tmp => moved successfully
C:\Windows\Temp\UpdHealthTools.msi => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
=========== "C:\WINDOWS\system32\*.tmp" ==========
 
not found
 
========= End -> "C:\WINDOWS\system32\*.tmp" ========
 
 
=========== "C:\WINDOWS\syswow64\*.tmp" ==========
 
not found
 
========= End -> "C:\WINDOWS\syswow64\*.tmp" ========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 148888283 B
Java, Flash, Steam htmlcache => 21631644 B
Windows/system/drivers => 12954241 B
Edge => 188416 B
Chrome => 577375098 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 36435031 B
systemprofile32 => 36435031 B
LocalService => 37302373 B
NetworkService => 157168149 B
c-lon => 548050964 B
Cyn Cyn => 562947644 B
 
RecycleBin => 10783460808 B
EmptyTemp: => 12 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 19:58:21 ====

 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2022-02-03.4 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-14-2022
# Duration: 00:00:34
# OS:       Windows 10 Home
# Scanned:  32048
# Detected: 30
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.AudioConverter     C:\Users\c-lon\AppData\Roaming\AudioConverter
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
 
***** [ Chromium (and derivatives) ] *****
 
PUP.Optional.Unseen             iicapmagmhahddefgokbabbgieiogjop
PUP.Optional.Unseen             iicapmagmhahddefgokbabbgieiogjop
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.DellCommand|PowerManager   Folder   C:\Program Files\DELL\COMMANDPOWERMANAGER 
Preinstalled.DellCommand|PowerManager   Folder   C:\ProgramData\DELL\COMMANDPOWERMANAGER 
Preinstalled.DellCommand|PowerManager   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8} 
Preinstalled.DellDigitalDelivery   Folder   C:\Program Files (x86)\DELL DIGITAL DELIVERY 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN 
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\AGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\PLUGIN 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT 
Preinstalled.DellSupportAssistAgent   Folder   C:\Users\c-lon\Documents\DELL\SUPPORTASSIST 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7466F4E-097B-4952-94E1-4887E1F5DD25}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7466F4E-097B-4952-94E1-4887E1F5DD25}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate 
Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE 
Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS 
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44CAABAA-4609-4A19-A40B-AA780E1A843F}  
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry 
Preinstalled.SmartByte   Task   C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

AdwCleaner - Clean

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now
  • When the scan has finished a Scan Results window will open.
  • Please check all boxes and then click Quarantine
    • Click Next
    • If any pre-installed software was found on your machine, a prompt window will open ...
      • Click OK to close it
    • Check any pre-installed software items you want to remove (if they're not causing you a problem I recommend you don't select any)
    • Click Quarantine
  • A prompt to save your work will appear ...
    • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear ...
    • Click Restart Now
  • Once your computer has restarted ...
    • If it doesn't open automatically, please start AdwCleaner ...
    • Click the Log Files tab ...
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.

Please post the contents of the file in your next reply.
 
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit the ESET Online Scanner website

  • Click the One-Time Scan button to download the esetonlinescanner.exe file to the Desktop
  • Double click esetonlinescanner.exe, then click the Get Started button.
  • Accept the Terms of Use and click Get Started again.
  • Enable recommended options, and continue.
  • Select the Full scan
  • Enable Eset to detect and quarantine potentially unwanted applications
  • Click Start Scan
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When completed it'll show a list of "Threats found", click beneath it on Save to text file.... and save it as ESET log.txt on your Desktop.
  • Then click Do not clean. Place a checkmark at Delete application's data on close, click Finish and close the program.

Post the ESET log.txt report.
 
Don't forget to re-enable previously switched-off protection software!!


  • 0

#5
cyncyn

cyncyn

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Good morning,

 

Scans done:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2022-03-15.3 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-15-2022
# Duration: 00:00:05
# OS:       Windows 10 Home
# Cleaned:  7
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\Users\c-lon\AppData\Roaming\AudioConverter
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
 
***** [ Chromium (and derivatives) ] *****
 
Deleted       iicapmagmhahddefgokbabbgieiogjop
Deleted       iicapmagmhahddefgokbabbgieiogjop
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [4842 octets] - [14/03/2022 20:51:38]
AdwCleaner[S01].txt - [4903 octets] - [15/03/2022 14:07:40]
AdwCleaner[S02].txt - [4964 octets] - [15/03/2022 16:36:38]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
 
==========================================================================================
 
3/16/2022 6:50:51 AM
Files scanned: 722384
Detected files: 1
Cleaned files: 1
Total scan time 08:39:11
Scan status: Finished
C:\Program Files (x86)\AVAST Software\Browser\AvastBrowserUninstall.exe a variant of Win32/CCleaner.A potentially unsafe application cleaned by deleting
 

  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

How is it doing?


  • 0

#7
cyncyn

cyncyn

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Much, much better. Thank you so much!


  • 0

#8
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

You are welcome.
 
Please download KpRm by Kernel-panik and save to your Desktop.

  • Click on KpRm.exe to run the tool.

Vista/Windows 7/8/10 users right-click and select Run As Administrator.

  • Put a check mark next to these items:

- Delete tools
- Delete now

  • Click the "Run" button.


  • When the tool has finished, it will create and open a log report and  delete itself.

Best regards :)


  • 0

#9
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0





