Thanks for the help. I guess it's a Microsoft one since I use my Microsoft password.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (23-01-2020 23:16:24)
Running from C:\Users\David Jackson\Downloads
Loaded Profiles: David Jackson (Available Profiles: defaultuser0 & David Jackson)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1210288 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1995408 2020-01-17] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\79.1.2.43\Installer\chrmstp.exe [2020-01-18] (Brave Software, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1037960E-02B9-4324-B9C4-2E5DEB40D7B0} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\David Jackson\AppData\Local\Temp\scoped_dir11584_2141621601\esetonlinescanner_enu.exe <==== ATTENTION
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-21] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1B68B9B7-0F70-42DF-AA0E-C35A890BB9A6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1519064 2020-01-14] (Dell Inc. -> Dell Inc.)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {787C7A82-875C-4119-B898-BE13C28E1C51} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {86E433A6-30E8-4B19-AF29-8D7F348F754E} - System32\Tasks\Opera scheduled Autoupdate 1552496500 => C:\Users\David Jackson\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {97EF5C78-76D0-46F9-A864-667E143C536B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3} - System32\Tasks\Uninstaller_SkipUac_David_Jackson => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {E05FA95A-69D3-4568-8011-75C97213BF71} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\David Jackson\AppData\Local\Temp\scoped_dir11584_2141621601\esetonlinescanner_enu.exe <==== ATTENTION
Task: {E671B76F-ACDD-4FFA-B336-E191D6C3CA73} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {EDA68B3B-72C3-4723-A8AD-B927ED7D5321} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-01-21]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2019-07-10]
FF Extension: (Reverso Translate in Context) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2019-11-23]
FF Extension: (Video Downloader professional) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2019-10-18]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2019-10-27]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2020-01-12]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2019-11-29]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\
[email protected] [2020-01-12]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Opera:
=======
OPR StartupUrls: "hxxps://www.startpage.com/"
OPR Extension: (AdBlock) - C:\Users\David Jackson\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-03-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [244280 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3339824 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe [964592 2020-01-22] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1701480 2017-07-18] (Intel Corporation -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [870760 2019-02-13] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [783208 2019-02-13] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [290392 2019-04-03] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-09] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [50648 2020-01-14] (Dell Inc. -> Dell Inc.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [833456 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-01-23] (Dell Inc. -> )
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74168 2017-07-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2017-07-18] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2017-07-18] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [63512 2017-04-01] (Intel® Software -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2436376 2019-08-09] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024848 2018-01-18] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [443480 2019-07-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-23 23:16 - 2020-01-23 23:18 - 000029339 _____ C:\Users\David Jackson\Downloads\FRST.txt
2020-01-23 23:15 - 2020-01-23 23:17 - 000000000 ____D C:\FRST
2020-01-23 23:14 - 2020-01-23 23:14 - 002580480 _____ (Farbar) C:\Users\David Jackson\Downloads\FRST64.exe
2020-01-23 11:14 - 2020-01-23 11:14 - 000000690 _____ C:\Users\David Jackson\Desktop\ESET Online Scanner.lnk
2020-01-23 11:13 - 2020-01-23 11:13 - 014562400 _____ (ESET spol. s r.o.) C:\Users\David Jackson\Downloads\esetonlinescanner_enu.exe
2020-01-22 19:15 - 2020-01-22 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-01-15 19:15 - 2020-01-15 19:15 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 19:15 - 2020-01-15 19:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 19:15 - 2020-01-15 19:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 19:15 - 2020-01-15 19:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 18:34 - 2020-01-15 18:35 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 18:34 - 2020-01-15 18:35 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 20:53 - 2020-01-14 20:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-01-14 20:53 - 2020-01-14 20:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-01-14 20:53 - 2020-01-14 20:52 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2020-01-14 20:53 - 2020-01-14 20:52 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2020-01-14 20:52 - 2020-01-14 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2020-01-14 20:52 - 2020-01-14 20:52 - 000000000 ____D C:\WINDOWS\system32\fr
2020-01-14 20:35 - 2020-01-14 20:53 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-01-14 20:35 - 2020-01-14 20:53 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-01-14 20:35 - 2020-01-14 20:33 - 000306166 _____ C:\WINDOWS\system32\perfi007.dat
2020-01-14 20:35 - 2020-01-14 20:33 - 000040520 _____ C:\WINDOWS\system32\perfd007.dat
2020-01-14 20:34 - 2020-01-14 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2020-01-14 20:34 - 2020-01-14 20:34 - 000000000 ____D C:\WINDOWS\system32\de
2020-01-14 20:18 - 2019-03-18 15:20 - 006238208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2020-01-14 20:18 - 2019-03-18 15:11 - 002355200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2020-01-14 20:18 - 2019-03-18 15:03 - 002280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2020-01-14 20:16 - 2019-03-18 15:19 - 012039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2020-01-14 20:16 - 2019-03-18 15:19 - 011602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2020-01-14 20:16 - 2019-03-18 15:07 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2020-01-14 20:16 - 2019-03-18 15:00 - 002011648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2020-01-10 21:47 - 2020-01-23 11:06 - 000471888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-23 23:10 - 2019-12-20 10:07 - 000003630 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1552496500
2020-01-23 23:10 - 2019-11-29 09:08 - 000003276 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-01-23 23:10 - 2019-10-16 06:53 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-23 23:10 - 2019-10-11 15:41 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-01-23 23:10 - 2019-09-26 21:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-23 23:10 - 2019-09-24 11:47 - 000003062 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-01-23 23:10 - 2019-09-24 11:47 - 000002682 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-01-23 23:10 - 2019-08-25 22:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2490165305-1638453623-257508744-1001
2020-01-23 23:10 - 2019-08-25 22:13 - 000003720 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-23 23:10 - 2019-08-25 22:13 - 000003404 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-01-23 23:10 - 2019-08-25 22:13 - 000003364 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-01-23 23:10 - 2019-08-25 22:13 - 000003140 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-01-23 23:10 - 2019-08-25 22:13 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-01-23 23:10 - 2019-08-25 22:13 - 000002564 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart
2020-01-23 23:10 - 2019-08-25 22:13 - 000002432 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_David_Jackson
2020-01-23 23:09 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-23 21:26 - 2019-08-25 21:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-23 16:54 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-23 12:14 - 2019-10-06 13:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-01-23 11:12 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-23 11:11 - 2019-10-08 21:52 - 000000000 ____D C:\ProgramData\PCDr
2020-01-23 11:11 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-23 11:08 - 2018-10-17 10:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-01-23 11:07 - 2019-08-25 21:52 - 000000000 ____D C:\Users\David Jackson
2020-01-23 11:06 - 2019-12-17 22:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-23 11:06 - 2019-08-25 22:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-23 11:06 - 2018-10-17 10:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-23 09:44 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-22 19:19 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-22 19:11 - 2019-10-08 21:42 - 000000000 ____D C:\ProgramData\SupportAssist
2020-01-21 21:26 - 2018-10-17 10:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-01-21 21:23 - 2018-10-17 10:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 21:19 - 2018-12-19 09:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-01-21 20:48 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-21 20:48 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-21 17:03 - 2018-10-17 10:39 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Packages
2020-01-20 21:07 - 2018-10-17 09:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-01-19 23:04 - 2019-09-26 21:08 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-18 10:16 - 2019-08-23 11:22 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-01-16 00:02 - 2019-03-19 04:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-16 00:00 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 00:00 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 00:00 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 00:00 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 19:28 - 2018-10-18 09:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 19:24 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 19:24 - 2018-10-18 09:25 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 22:58 - 2018-11-01 13:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-01-14 20:53 - 2019-08-26 07:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-01-14 20:53 - 2019-08-26 07:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-01-14 20:52 - 2019-03-19 06:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-01-14 20:52 - 2019-03-19 06:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-01-14 20:52 - 2019-03-19 06:18 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\IME
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-14 20:52 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-01-14 20:52 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-01-14 20:18 - 2019-03-19 06:19 - 000000000 ____D C:\WINDOWS\OCR
2020-01-10 21:17 - 2019-06-08 10:19 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Anki2
2020-01-10 13:41 - 2018-12-07 12:00 - 000000000 ____D C:\ProgramData\AVAST Software
==================== Files in the root of some directories ========
2019-01-27 13:38 - 2019-01-27 13:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 00:43 - 2019-03-15 00:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020 01
Ran by David Jackson (23-01-2020 23:19:11)
Running from C:\Users\David Jackson\Downloads
Windows 10 Home Version 1903 18362.592 (X64) (2019-08-25 22:15:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)
David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson
DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 79.1.2.43 - Brave Software Inc)
Dell SupportAssist (HKLM\...\{B7682259-63F5-42FA-933B-ACD343CF7049}) (Version: 3.4.1.49 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Version: 3.1.0 - Dell, Inc.)
f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version: - f.lux Software LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9326.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 72.0.1 (x64 en-US)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Skype version 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSDC Free Video Editor version 6.3.1.939 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.1.939 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
YTD Video Downloader 5.9.13 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.13 - GreenTree Applications SRL) <==== ATTENTION
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.8.0_x64__htrsf667h5kn2 [2020-01-22] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_3.1.54.0_x64__htrsf667h5kn2 [2019-12-17] (Dell Inc)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt [2019-08-30] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-08-18 21:57 - 2018-08-18 21:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-01-13 07:04 - 2020-01-13 07:04 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WmsSelfHealing => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 11:47 - 2019-10-11 15:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-09-29 19:13 - 2019-09-29 19:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 10.0.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "utweb"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5322391E-FE48-473B-B9B0-1BB87ED159E8}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{7262E687-30AF-4516-A3EB-BDD73F01D92D}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{F1762C98-A62E-4070-A945-31953984BF5B}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{9EE2A854-72C4-40ED-A0C1-CF71E6B31BA5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1040F48C-620B-4841-9962-D6E65EDFD6D3}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{E018D2E6-79C3-4A09-8762-20F7057D8463}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55B3B24A-67EB-46AD-972D-1168E06F34C8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B946DDAB-82FB-4D52-B02A-A8559CC431B1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6F31F19-1411-42D1-9FDF-09F874C457B1}] => (Allow) C:\Users\David Jackson\AppData\Local\Programs\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{75DD9DBE-1C47-4B3B-B857-3BEA789DC230}] => (Allow) C:\Users\David Jackson\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7112E123-2B31-4BF0-8A5B-9ABF8212B2BF}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Restore Points =========================
23-01-2020 09:58:54 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/23/2020 10:56:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 27544 and the required size was 30832.
Error: (01/23/2020 12:13:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (01/23/2020 12:12:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {269c3ea3-abb2-4456-a6a1-07ebb7874b24}
Error: (01/23/2020 09:46:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/22/2020 08:32:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RemindersServer.exe version 10.0.18362.418 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1f18
Start Time: 01d5d1092ff550c4
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
Report Id: 36694e13-feec-4b71-9ac7-9a7bc203ca00
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Hang type: Quiesce
Error: (01/22/2020 10:17:54 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 26568 and the required size was 29544.
Error: (01/22/2020 09:51:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/21/2020 09:18:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.18362.1, time stamp: 0x533f8404
Faulting module name: twinapi.appcore.dll, version: 10.0.18362.592, time stamp: 0x125d2980
Exception code: 0xc000027b
Fault offset: 0x00000000000d5cb8
Faulting process id: 0x2cf4
Faulting application start time: 0x01d5d0a0566c474c
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 73c2bb4f-e80c-48c6-9c41-a039fbe40293
Faulting package full name: Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.MicrosoftOfficeHub
System errors:
=============
Error: (01/23/2020 11:19:39 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 11:15:38 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 11:11:37 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 11:07:37 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {1FFE4FFD-25B1-40B1-A1EA-EF633353BB4E} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 11:03:37 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 10:59:36 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 10:55:36 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
Error: (01/23/2020 10:51:36 PM) (Source: DCOM) (EventID: 10029) (User: DAVIDDELL2)
Description: The activation of the CLSID {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} timed out waiting for the service WpnUserService_7cc9d to stop.
CodeIntegrity:
===================================
Date: 2020-01-23 23:14:15.036
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:14:06.139
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:14:05.823
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:14:03.896
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:12:54.655
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:12:52.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:12:45.133
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-23 23:12:39.625
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.9.0 07/04/2019
Motherboard: Dell Inc. 0RKTGR
Processor: Intel® Core i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 83%
Total physical RAM: 3961.07 MB
Available physical RAM: 657.59 MB
Total Virtual: 11410.04 MB
Available Virtual: 6183.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:31.28 GB) NTFS
Drive d: () (Fixed) (Total:272 GB) (Free:235.56 GB) NTFS
Drive e: () (Fixed) (Total:272 GB) (Free:249.86 GB) NTFS
Drive f: () (Fixed) (Total:272.88 GB) (Free:265.96 GB) NTFS
\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.15 GB) NTFS
\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.07 GB) NTFS
\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)
Partition: GPT.
==================== End of Addition.txt =======================