Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Weird login screen behavior from Windows 10

windows 10 password login fake login screen

  • Please log in to reply

#196
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you. We don't have wifi here. I'm on a cable connection. At this precise moment, everything appears to be going smoothly. That's part of what's so annoying about it: the randomness. I'm typing fine now; whereas, the previous message took me forever to type out due to all the skipping and missed strikes. I'll watch it for a while and consider your older driver idea. Thank you.


  • 0

Advertisements


#197
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,700 posts
  • MVP

If you are on a cable then go into Device Manager and disable the Wireless adapter.  Perhaps that's all we need to do to stop the WHEA errors.


  • 0

#198
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you. Okay, I've disabled it. I'll observe for a while and let you know how it's performing in the next couple of days. 


  • 0

#199
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Hello. Trust you're well. Well, today I was going to write to let you know that all is well and that disabling the wireless adapter sorted everything out and - until today - that was the case. But when I began typing in my password at start-up, whadyaknow if it didn't have some lag and skip. So I don't know, it's weird. No need to suggest anything further for the present: let me see how it goes over the weekend. I need things to be alright because I'm thinking of doing a Tefl course and it will be online so will need to be able to type umimpeded. See, and right this minute, all is well. Sporadic. Thank you.


  • 0

#200
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Well, it's gotten much worse as the afternoon progressed. Turned off Touchpad and tried Mouse, didn't change anything. Going to try this:  even though I think it's something else. The touchpad beeping thing. Managed it without breaking it. Perfectly aligned so not that. But now it's typing fine - for the moment. Intermittent mayhem. There are only two touch interfaces, right? Maybe I should try and see how the touchpad is connecting - but I don't trust myself to take it to bits. (Could it be some whacky Windows 10 touchpad thing? Would changing the sensitivity help: it's on medium I think at the moment). I also searched on YouTube for Dell Beeps and there was something but it was about a 5 beep burst on start-up. That's not my issue. Thank you. 


  • 0

#201
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,700 posts
  • MVP

Does VEW show any errors?


  • 0

#202
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

THank you. Really bad skipping now.

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 10/10/2020 8:05:02 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/10/2020 6:48:13 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 10/10/2020 6:48:13 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 10/10/2020 6:48:12 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 10/10/2020 6:48:12 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 10/10/2020 11:56:10 AM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).
 
Log: 'Application' Date/Time: 10/10/2020 10:52:53 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 19760 and the required size was 28440.
 
Log: 'Application' Date/Time: 10/10/2020 9:36:04 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 09/10/2020 10:22:57 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 20672 and the required size was 30464.
 
Log: 'Application' Date/Time: 08/10/2020 11:41:28 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 08/10/2020 11:41:28 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 08/10/2020 11:41:27 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 
 
Log: 'Application' Date/Time: 08/10/2020 11:41:27 PM
Type: Error Category: 0
Event: 13 Source: VSS
Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 
 
Log: 'Application' Date/Time: 08/10/2020 9:42:48 PM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).
 
Log: 'Application' Date/Time: 08/10/2020 10:06:37 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 07/10/2020 8:32:29 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 06/10/2020 7:39:27 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 05/10/2020 10:22:28 PM
Type: Error Category: 17
Event: 4622 Source: Microsoft-Windows-EventSystem
The COM+ Event System could not marshal the subscriber for subscription {290AF5B8-6515-4A18-ABB9-F5C3B6368AD4}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.  The HRESULT was 8007071a.
 
Log: 'Application' Date/Time: 05/10/2020 8:43:08 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
Log: 'Application' Date/Time: 04/10/2020 12:59:19 PM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).
 
Log: 'Application' Date/Time: 04/10/2020 9:56:52 AM
Type: Error Category: 0
Event: 0 Source: Office 2016 Licensing Service
The event description cannot be found.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/10/2020 6:56:48 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 10/10/2020 5:10:32 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 10/10/2020 5:10:25 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 10/10/2020 11:57:23 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 10/10/2020 11:56:08 AM
Type: Warning Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed with error code The system cannot find the file specified.. Performance data for this service will not be available.
 
Log: 'Application' Date/Time: 10/10/2020 11:33:50 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 10/10/2020 11:19:51 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe' (pid 10576) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 10/10/2020 9:33:35 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 10/10/2020 9:24:55 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(3)
 
Log: 'Application' Date/Time: 10/10/2020 9:24:49 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 10:19:10 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 8:19:10 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 6:19:10 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 4:19:10 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 2:19:10 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 12:19:12 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 09/10/2020 10:19:10 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(2)
 
Log: 'Application' Date/Time: 09/10/2020 10:18:18 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 09/10/2020 10:17:54 AM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 08/10/2020 11:45:06 PM
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 10/10/2020 8:07:10 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/08/2020 8:17:28 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 04/08/2020 9:02:29 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 26/07/2020 1:48:10 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/07/2020 1:43:50 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 09/10/2020 10:22:36 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The AMD User Experience Program Launcher service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Log: 'System' Date/Time: 08/10/2020 11:42:07 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.
 
Log: 'System' Date/Time: 08/10/2020 5:32:01 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 08/10/2020 5:29:58 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 08/10/2020 5:27:58 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 06/10/2020 10:27:48 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 04/10/2020 12:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 02/10/2020 10:34:10 PM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
Log: 'System' Date/Time: 02/10/2020 10:31:21 PM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
Log: 'System' Date/Time: 02/10/2020 10:30:49 PM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
Log: 'System' Date/Time: 27/09/2020 8:34:52 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.
 
Log: 'System' Date/Time: 27/09/2020 8:33:57 PM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Log: 'System' Date/Time: 16/09/2020 1:38:45 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 09/09/2020 8:30:01 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.
 
Log: 'System' Date/Time: 02/09/2020 9:33:01 PM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.
 
Log: 'System' Date/Time: 02/09/2020 8:56:16 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x8024001E: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.323.392.0).
 
Log: 'System' Date/Time: 02/09/2020 5:32:41 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Update Orchestrator Service service hung on starting.
 
Log: 'System' Date/Time: 02/09/2020 4:43:03 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service RmSvc with arguments "Unavailable" in order to run the server: {581333F6-28DB-41BE-BC7A-FF201F12F3F6}
 
Log: 'System' Date/Time: 02/09/2020 4:43:03 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service RmSvc with arguments "Unavailable" in order to run the server: {581333F6-28DB-41BE-BC7A-FF201F12F3F6}
 
Log: 'System' Date/Time: 02/09/2020 4:42:19 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service DispBrokerDesktopSvc with arguments "Unavailable" in order to run the server: DispBrokerDesktop.GlobalBrokerInstance
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/10/2020 7:04:10 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 7:03:36 PM
Type: Warning Category: 0
Event: 17 Source: Microsoft-Windows-WHEA-Logger
A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:
 
Log: 'System' Date/Time: 10/10/2020 6:58:35 PM
Type: Warning Category: 0
Event: 17 Source: Microsoft-Windows-WHEA-Logger
A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:
 
Log: 'System' Date/Time: 10/10/2020 6:50:43 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 10/10/2020 6:49:35 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.
 
Log: 'System' Date/Time: 10/10/2020 6:49:32 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 10/10/2020 5:17:59 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:17:53 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:15:10 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:14:19 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:13:51 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:11:07 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 5:09:52 PM
Type: Warning Category: 0
Event: 17 Source: Microsoft-Windows-WHEA-Logger
A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:
 
Log: 'System' Date/Time: 10/10/2020 5:09:52 PM
Type: Warning Category: 0
Event: 17 Source: Microsoft-Windows-WHEA-Logger
A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:
 
Log: 'System' Date/Time: 10/10/2020 5:09:50 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.
 
Log: 'System' Date/Time: 10/10/2020 12:01:39 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 11:59:23 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscBrokerManager  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 11:59:23 AM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.SecurityAppBroker  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 10/10/2020 11:55:58 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 10/10/2020 11:54:50 AM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.
 

  • 0

#203
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,700 posts
  • MVP

It is still showing the same error:

 

Log: 'System' Date/Time: 10/10/2020 6:58:35 PM
Type: Warning Category: 0
Event: 17 Source: Microsoft-Windows-WHEA-Logger
A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Did the WiFi get turned on again somehow?  Normally this is a separate little circuit board so if you do decide to open up the back you might try removing it.

 

Avira is having some problems so you might try a repair or reinstall of Avira.


  • 0

#204
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Hello and thank you. I daren't open the laptop. Once I've sorted out the antivirus I'll check the wireless adapter isn't turned back on. I think I may have inadvertently stumbled on the core issue: residual avira components interfering. I've always used Revo but it didn't fully uninstall everything this time because the default avira uninstaller wouldn't complete the initial uninstall (screenshot). The interwebs are full of disgruntled users who now cannot update Windows 10 at all, due to this. Mine is up to date, I did it yesterday. So I would be very grateful to you if you could assist me in somehow cleaning things up with Avira. I had planned to get rid of it and re-install Panda - or possiby AVG. But since it's still showing the launcher icon in the tray have to now work through this fix: https://support.avir...e-installation-

 

I can't make much sense out of it. There's an immediate problem with those instructions, well several actually. First of all, if I try and follow Start - Control Panel - Folder Options, there is no Folder Options.Second, point 4, delete the Avira Folders: how are you supposed to find them/see them/ know if you have them? Point 8: activate the avira antivirus control box.

 

I also tried updating my Dell drivers. It said they'd found 5 including an urgent BIOS one. I've read that beeps indicates a BIOS issue, could they be connected? Either way, the download just kept downloading for hours with no resolution so I wasn't able to proceed. Help, I think I'm drowning!


  • 0

#205
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Forgot the screenshot. Apologies.

Attached Thumbnails

  • Screenshot (36).png

  • 0

Advertisements


#206
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,700 posts
  • MVP

Their instructions are for Win 7.  To see Win 10 hidden files:

 

http://www.howtogeek...-windows-vista/

 

If you still can't get it then post a new FRST scan and we will see if FRST can remove it.

 

For the Dell drivers it is best to just download one at a time rather than using their bulk downloader.


  • 0

#207
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thanks very much for that. I'll do the drivers tonight and tomorrow try  the avira process. If I can't get it to work I'll post a FRST. Much obliged.


  • 0

#208
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Morning (here at least). Thank you for your ongoing support. I appreciate it. So just now there was a Dell notification telling me that Dell Digital Delivery app was not on my system, to download it from Microsoft. It says error at 3% download. Stuck. So that's one thing.

 

Another is that the drivers, some of them, that I installed last night (the installs were confirmed) are today still showing on the drivers to be installed list. I ran the install again and despite saying 'install successful' or however it's worded, they're still on the list. Screenshot attached. So I haven't gotten to the Avira thing yet. But on that subject, a dell notication said neither Defender nor Avira antivirus were running; yet when I click the icon Windows AV IS running. To top it all, the skipping is back with a vengeance. Thank you. Any ideas?


  • 0

#209
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,700 posts
  • MVP

Let's check your speed:

 

https://www.speedtest.net/

 

Is that about what you pay for?

 

The Dell Digital Delivery app is the bulk downloader.  I prefer not to use it.  If it shows up in your uninstall list try and uninstall it.

 

Perhaps it is time for another FRST scan.


  • 0

#210
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you. Pease excuse the typng. Best I can do. Ping 27, D 9.13Mbps U0.55

Dell's OWN driver suggestions for intel hd grapic cardd says incompatible! Beeping lots when I move cursor. When I bought the laptop it came with a pirated  English windows from China (the authentic version is Chinese only so for expats that's what they do), can we check that it's 64 bit? Maybe the system is 32-bit but most normal Dell 3478 Vostros are 64? I don't know.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 13:32:47)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <16>
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(VS Revo Group Ltd. -> VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [704720 2020-09-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {07206806-A807-414D-921E-5C3716C28B53} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {21502A61-3EEA-4DD4-BEB9-730C9B04E2CE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30106496 2020-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8BBD9E48-D1AD-4C50-9E18-A1023B11A20C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1045976 2020-09-01] (Dell Inc. -> Dell Inc.)
Task: {8E9545BB-8354-41B5-B7EB-2FBE21D68677} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {E2784EE5-9C34-4A29-B50A-7D4BC89E782E} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F8288A4A-A5E8-414C-9179-FF7E716E29AB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1
 
FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-04]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-09-02]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AviraSecurity; "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-10-12] (Dell Inc. -> )
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-12 13:32 - 2020-10-12 13:35 - 000026747 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-10-12 12:38 - 2020-10-12 12:38 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-10-12 12:38 - 2020-10-12 12:38 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE
2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE
2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe
2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE
2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE
2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}
2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE
2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE
2020-10-11 23:04 - 2020-10-12 12:54 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves
2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE
2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE
2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe
2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-10-11 18:26 - 2020-10-11 18:26 - 000003782 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe
2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe
2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV
2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe
2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf
2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-10-10 20:28 - 2020-10-10 20:28 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell
2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe
2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf
2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE
2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-09-30 20:17 - 2020-09-30 20:17 - 000473751 _____ C:\Users\David Jackson\Desktop\SpeccyNew.txt
2020-09-30 20:15 - 2020-09-30 20:15 - 000473780 _____ C:\Users\David Jackson\Desktop\DAVIDDELL2.txt
2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-27 21:44 - 2020-09-27 21:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 12:36 - 2020-10-11 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-09-23 12:36 - 2020-09-23 12:36 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2020-09-23 12:36 - 2020-09-23 12:36 - 000001193 _____ C:\ProgramData\Desktop\Avira.lnk
2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-09-14 12:44 - 2020-10-02 23:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-10-12 13:35 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-12 13:34 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-10-12 13:09 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-12 12:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-12 12:40 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-12 12:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-10-12 12:37 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-10-12 12:35 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-12 12:34 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-12 12:33 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel
2020-10-12 11:27 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel
2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel
2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder
2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell
2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell
2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-10-11 18:28 - 2020-09-02 22:02 - 000000000 ____D C:\ProgramData\Avira
2020-10-11 18:27 - 2020-09-02 22:02 - 000000000 ____D C:\Program Files (x86)\Avira
2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr
2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc
2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt
2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-10-08 22:42 - 2020-09-02 22:11 - 000003708 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-10-04 14:19 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-10-02 23:34 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-27 21:43 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions
2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe
 
==================== Files in the root of some directories ========
 
2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by David Jackson (12-10-2020 13:37:13)
Running from C:\Users\David Jackson\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2019-08-25 22:15:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)
David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson
DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.1 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )
Avira (HKLM-x32\...\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{f24507a8-a438-4e46-9563-6d53c727bd7e}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.36.1.29260 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.11017 - Avira Operations GmbH & Co. KG)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 86.1.15.72 - Brave Software Inc)
Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{2D27B76E-8FB1-495B-A61D-FB76349E7E36}) (Version: 3.1.9518 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{CC611DE8-38C7-4650-968E-B973B254E98C}) (Version: 3.7.0.148 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version:  - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.375 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-US)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Skype version 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-07] (Skype)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2020-04-09 20:11 - 2020-04-09 20:11 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-10-18 16:48 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 000880128 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2020-09-01 22:43 - 2020-09-01 22:43 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2020-10-10 20:36 - 2020-10-10 20:36 - 001680384 _____ (SQLite Development Team) [File not signed] C:\WINDOWS\TEMP\Costura\1D16C6BEE7EBD5DA54AEC8A9AD8A178A\64\sqlite3.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-09-09 20:57 - 2020-09-09 20:57 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 14:57 - 2020-07-27 14:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-09-09 20:57 - 2020-09-09 20:57 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanmanServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanmanWorkstation => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NfsClnt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NfsClnt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\simptcp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 12:47 - 2019-10-11 16:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-09-29 20:13 - 2019-09-29 20:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AUEPLauncher => 2
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{066146B5-2CFD-4617-984F-22B7E8118678}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C965D675-CDE4-4266-B9DA-A61A2E4A4F42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{35945756-CD93-45B2-A6A1-049CEE154AA7}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{A725234F-4FD1-4DB7-BE07-94450D19B0EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5077584C-12EC-4C37-B218-57E1B3C68DAC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A8A7E34-5E25-4311-8DC5-984F064772DD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{20A72F54-35A3-4FCA-AF11-82BDB8D7D0B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{6693D3E3-2768-4BBC-A6D6-2E0E27B38073}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
 
==================== Restore Points =========================
 
08-10-2020 18:00:28 Scheduled Checkpoint
11-10-2020 23:11:30 Installed Dell Update for Windows 10.
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/12/2020 12:27:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c
Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc
Exception code: 0xc0000005
Fault offset: 0x000000000027be0a
Faulting process id: 0x25e4
Faulting application start time: 0x01d6a08aa8129fc2
Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Faulting module path: SHELL32.dll
Report Id: 413f0fb4-0b98-4803-af34-90f4603e82b1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/12/2020 12:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c
Faulting module name: ole32.dll, version: 10.0.18362.1082, time stamp: 0x3340c819
Exception code: 0xc0000005
Fault offset: 0x00000000000a2e22
Faulting process id: 0x2aa8
Faulting application start time: 0x01d6a086f1505db9
Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Faulting module path: C:\WINDOWS\System32\ole32.dll
Report Id: a9332845-743a-4846-bc90-a0e08f308e0e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/12/2020 11:52:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c
Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc
Exception code: 0xc0000005
Fault offset: 0x000000000027be0a
Faulting process id: 0x1a58
Faulting application start time: 0x01d6a085b5055efd
Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Faulting module path: SHELL32.dll
Report Id: 9ec83d0d-c5fd-45b8-9f88-948e49f31e62
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/12/2020 11:41:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c
Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc
Exception code: 0xc0000005
Fault offset: 0x000000000027be0a
Faulting process id: 0x20b4
Faulting application start time: 0x01d6a0844f8f7f84
Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Faulting module path: SHELL32.dll
Report Id: 941e2aee-214f-4193-9980-946214db61aa
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/12/2020 11:27:00 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAVIDDELL2)
Description: Application or service 'Intel® Dynamic Application Loader Host Interface Service' could not be restarted.
 
Error: (10/12/2020 11:27:00 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAVIDDELL2)
Description: Application or service 'Intel® Management and Security Application Local Management Service' could not be restarted.
 
Error: (10/12/2020 10:44:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SkypeApp.exe version 8.56.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 26a4
 
Start Time: 01d6a0780d579265
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
 
Report Id: 38fa6b73-c85d-4962-aeeb-143a7a427a89
 
Faulting package full name: Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (10/12/2020 10:13:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (10/12/2020 12:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AviraSecurity service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (10/12/2020 12:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AviraSecurity service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (10/12/2020 11:48:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AviraSecurity service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (10/12/2020 10:09:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AviraSecurity service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (10/12/2020 10:09:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:28:39 PM on ‎10/‎11/‎2020 was unexpected.
 
Error: (10/12/2020 10:08:22 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
 
Error: (10/11/2020 10:57:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AviraSecurity service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (10/11/2020 10:50:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
 
 
Windows Defender:
===================================
Date: 2020-10-11 13:17:44.423
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.1232.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2020-09-02 22:21:17.313
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.323.389.0
Previous security intelligence Version: 1.317.1232.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.17400.5
Previous Engine Version: 1.1.17400.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
Date: 2020-09-02 22:21:17.313
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.323.389.0
Previous security intelligence Version: 1.317.1232.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.17400.5
Previous Engine Version: 1.1.17400.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
Date: 2020-09-02 22:08:36.628
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.1232.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2020-09-02 21:56:20.179
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.317.1232.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17400.5
Error code: 0x80072f8f
Error description: A security error occurred 
 
CodeIntegrity:
===================================
 
Date: 2020-10-11 12:53:22.178
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-09-30 18:30:03.769
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-09-08 19:37:46.524
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.10.0 01/09/2020
Motherboard: Dell Inc. 0RKTGR
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 87%
Total physical RAM: 3960.65 MB
Available physical RAM: 491.85 MB
Total Virtual: 8373.12 MB
Available Virtual: 2631.56 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:100 GB) (Free:19 GB) NTFS
Drive d: () (Fixed) (Total:272 GB) (Free:244.84 GB) NTFS
Drive e: () (Fixed) (Total:272 GB) (Free:240.99 GB) NTFS
Drive f: () (Fixed) (Total:272.88 GB) (Free:265.95 GB) NTFS
 
\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.13 GB) NTFS
\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.05 GB) NTFS
\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 

Attached Thumbnails

  • Screenshot (37).png
  • Screenshot (38).png

  • 0






Similar Topics


Also tagged with one or more of these keywords: windows 10, password login, fake login screen

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP