[daba]

Thank you. We don't have wifi here. I'm on a cable connection. At this precise moment, everything appears to be going smoothly. That's part of what's so annoying about it: the randomness. I'm typing fine now; whereas, the previous message took me forever to type out due to all the skipping and missed strikes. I'll watch it for a while and consider your older driver idea. Thank you.

[Advertisements]

If you are on a cable then go into Device Manager and disable the Wireless adapter.  Perhaps that's all we need to do to stop the WHEA errors.

[RKinner]

If you are on a cable then go into Device Manager and disable the Wireless adapter.  Perhaps that's all we need to do to stop the WHEA errors.

[daba]

Thank you. Okay, I've disabled it. I'll observe for a while and let you know how it's performing in the next couple of days. 

[daba]

Hello. Trust you're well. Well, today I was going to write to let you know that all is well and that disabling the wireless adapter sorted everything out and - until today - that was the case. But when I began typing in my password at start-up, whadyaknow if it didn't have some lag and skip. So I don't know, it's weird. No need to suggest anything further for the present: let me see how it goes over the weekend. I need things to be alright because I'm thinking of doing a Tefl course and it will be online so will need to be able to type umimpeded. See, and right this minute, all is well. Sporadic. Thank you.

[daba]

Well, it's gotten much worse as the afternoon progressed. Turned off Touchpad and tried Mouse, didn't change anything. Going to try this:  even though I think it's something else. The touchpad beeping thing. Managed it without breaking it. Perfectly aligned so not that. But now it's typing fine - for the moment. Intermittent mayhem. There are only two touch interfaces, right? Maybe I should try and see how the touchpad is connecting - but I don't trust myself to take it to bits. (Could it be some whacky Windows 10 touchpad thing? Would changing the sensitivity help: it's on medium I think at the moment). I also searched on YouTube for Dell Beeps and there was something but it was about a 5 beep burst on start-up. That's not my issue. Thank you. 

[RKinner]

Does VEW show any errors?

[daba]

THank you. Really bad skipping now.

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 10/10/2020 8:05:02 PM

 

Note: All dates below are in the format dd/mm/yyyy

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 10/10/2020 6:48:13 PM

Type: Error Category: 0

Event: 8193 Source: VSS

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 

 

Log: 'Application' Date/Time: 10/10/2020 6:48:13 PM

Type: Error Category: 0

Event: 13 Source: VSS

Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 

 

Log: 'Application' Date/Time: 10/10/2020 6:48:12 PM

Type: Error Category: 0

Event: 8193 Source: VSS

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 

 

Log: 'Application' Date/Time: 10/10/2020 6:48:12 PM

Type: Error Category: 0

Event: 13 Source: VSS

Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 

 

Log: 'Application' Date/Time: 10/10/2020 11:56:10 AM

Type: Error Category: 0

Event: 1023 Source: Microsoft-Windows-Perflib

Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).

 

Log: 'Application' Date/Time: 10/10/2020 10:52:53 AM

Type: Error Category: 0

Event: 1020 Source: Microsoft-Windows-Perflib

The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 19760 and the required size was 28440.

 

Log: 'Application' Date/Time: 10/10/2020 9:36:04 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

Log: 'Application' Date/Time: 09/10/2020 10:22:57 AM

Type: Error Category: 0

Event: 1020 Source: Microsoft-Windows-Perflib

The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 20672 and the required size was 30464.

 

Log: 'Application' Date/Time: 08/10/2020 11:41:28 PM

Type: Error Category: 0

Event: 8193 Source: VSS

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 

 

Log: 'Application' Date/Time: 08/10/2020 11:41:28 PM

Type: Error Category: 0

Event: 13 Source: VSS

Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 

 

Log: 'Application' Date/Time: 08/10/2020 11:41:27 PM

Type: Error Category: 0

Event: 8193 Source: VSS

Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. . 

 

Log: 'Application' Date/Time: 08/10/2020 11:41:27 PM

Type: Error Category: 0

Event: 13 Source: VSS

Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] 

 

Log: 'Application' Date/Time: 08/10/2020 9:42:48 PM

Type: Error Category: 0

Event: 1023 Source: Microsoft-Windows-Perflib

Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).

 

Log: 'Application' Date/Time: 08/10/2020 10:06:37 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

Log: 'Application' Date/Time: 07/10/2020 8:32:29 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

Log: 'Application' Date/Time: 06/10/2020 7:39:27 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

Log: 'Application' Date/Time: 05/10/2020 10:22:28 PM

Type: Error Category: 17

Event: 4622 Source: Microsoft-Windows-EventSystem

The COM+ Event System could not marshal the subscriber for subscription {290AF5B8-6515-4A18-ABB9-F5C3B6368AD4}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.  The HRESULT was 8007071a.

 

Log: 'Application' Date/Time: 05/10/2020 8:43:08 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

Log: 'Application' Date/Time: 04/10/2020 12:59:19 PM

Type: Error Category: 0

Event: 1023 Source: Microsoft-Windows-Perflib

Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code The specified module could not be found.).

 

Log: 'Application' Date/Time: 04/10/2020 9:56:52 AM

Type: Error Category: 0

Event: 0 Source: Office 2016 Licensing Service

The event description cannot be found.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 10/10/2020 6:56:48 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)

 

Log: 'Application' Date/Time: 10/10/2020 5:10:32 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable

 

Log: 'Application' Date/Time: 10/10/2020 5:10:25 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 10/10/2020 11:57:23 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)

 

Log: 'Application' Date/Time: 10/10/2020 11:56:08 AM

Type: Warning Category: 0

Event: 1008 Source: Microsoft-Windows-Perflib

The Open procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed with error code The system cannot find the file specified.. Performance data for this service will not be available.

 

Log: 'Application' Date/Time: 10/10/2020 11:33:50 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 10/10/2020 11:19:51 AM

Type: Warning Category: 0

Event: 10010 Source: Microsoft-Windows-RestartManager

Application 'C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe' (pid 10576) cannot be restarted - Application SID does not match Conductor SID..

 

Log: 'Application' Date/Time: 10/10/2020 9:33:35 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable

 

Log: 'Application' Date/Time: 10/10/2020 9:24:55 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(3)

 

Log: 'Application' Date/Time: 10/10/2020 9:24:49 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 10:19:10 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 8:19:10 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 6:19:10 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 4:19:10 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 2:19:10 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 12:19:12 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 09/10/2020 10:19:10 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(2)

 

Log: 'Application' Date/Time: 09/10/2020 10:18:18 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable

 

Log: 'Application' Date/Time: 09/10/2020 10:17:54 AM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent

 

Log: 'Application' Date/Time: 08/10/2020 11:45:06 PM

Type: Warning Category: 0

Event: 8233 Source: Microsoft-Windows-Security-SPP

The rules engine reported a failed VL activation attempt. Reason:0xC004F074 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable

 

Vino's Event Viewer v01c run on Windows 7 in English

Report run at 10/10/2020 8:07:10 PM

 

Note: All dates below are in the format dd/mm/yyyy

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 15/08/2020 8:17:28 AM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

 

Log: 'System' Date/Time: 04/08/2020 9:02:29 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

 

Log: 'System' Date/Time: 26/07/2020 1:48:10 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

 

Log: 'System' Date/Time: 03/07/2020 1:43:50 PM

Type: Critical Category: 63

Event: 41 Source: Microsoft-Windows-Kernel-Power

The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 09/10/2020 10:22:36 AM

Type: Error Category: 0

Event: 7030 Source: Service Control Manager

The AMD User Experience Program Launcher service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Log: 'System' Date/Time: 08/10/2020 11:42:07 PM

Type: Error Category: 0

Event: 7024 Source: Service Control Manager

The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.

 

Log: 'System' Date/Time: 08/10/2020 5:32:01 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 08/10/2020 5:29:58 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 08/10/2020 5:27:58 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 06/10/2020 10:27:48 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 04/10/2020 12:50:23 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 02/10/2020 10:34:10 PM

Type: Error Category: 0

Event: 5 Source: BTHUSB

The Bluetooth driver expected an HCI event with a certain size but did not receive it.

 

Log: 'System' Date/Time: 02/10/2020 10:31:21 PM

Type: Error Category: 0

Event: 5 Source: BTHUSB

The Bluetooth driver expected an HCI event with a certain size but did not receive it.

 

Log: 'System' Date/Time: 02/10/2020 10:30:49 PM

Type: Error Category: 0

Event: 5 Source: BTHUSB

The Bluetooth driver expected an HCI event with a certain size but did not receive it.

 

Log: 'System' Date/Time: 27/09/2020 8:34:52 PM

Type: Error Category: 0

Event: 7024 Source: Service Control Manager

The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.

 

Log: 'System' Date/Time: 27/09/2020 8:33:57 PM

Type: Error Category: 0

Event: 7043 Source: Service Control Manager

The Windows Update service did not shut down properly after receiving a preshutdown control.

 

Log: 'System' Date/Time: 16/09/2020 1:38:45 PM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

 

Log: 'System' Date/Time: 09/09/2020 8:30:01 PM

Type: Error Category: 0

Event: 7024 Source: Service Control Manager

The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.

 

Log: 'System' Date/Time: 02/09/2020 9:33:01 PM

Type: Error Category: 0

Event: 7024 Source: Service Control Manager

The Avira Scheduler service terminated with the following service-specific error:  Incorrect function.

 

Log: 'System' Date/Time: 02/09/2020 8:56:16 PM

Type: Error Category: 1

Event: 20 Source: Microsoft-Windows-WindowsUpdateClient

Installation Failure: Windows failed to install the following update with error 0x8024001E: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.323.392.0).

 

Log: 'System' Date/Time: 02/09/2020 5:32:41 PM

Type: Error Category: 0

Event: 7022 Source: Service Control Manager

The Update Orchestrator Service service hung on starting.

 

Log: 'System' Date/Time: 02/09/2020 4:43:03 PM

Type: Error Category: 0

Event: 10005 Source: Microsoft-Windows-DistributedCOM

DCOM got error "1084" attempting to start the service RmSvc with arguments "Unavailable" in order to run the server: {581333F6-28DB-41BE-BC7A-FF201F12F3F6}

 

Log: 'System' Date/Time: 02/09/2020 4:43:03 PM

Type: Error Category: 0

Event: 10005 Source: Microsoft-Windows-DistributedCOM

DCOM got error "1084" attempting to start the service RmSvc with arguments "Unavailable" in order to run the server: {581333F6-28DB-41BE-BC7A-FF201F12F3F6}

 

Log: 'System' Date/Time: 02/09/2020 4:42:19 PM

Type: Error Category: 0

Event: 10005 Source: Microsoft-Windows-DistributedCOM

DCOM got error "1084" attempting to start the service DispBrokerDesktopSvc with arguments "Unavailable" in order to run the server: DispBrokerDesktop.GlobalBrokerInstance

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 10/10/2020 7:04:10 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 7:03:36 PM

Type: Warning Category: 0

Event: 17 Source: Microsoft-Windows-WHEA-Logger

A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Log: 'System' Date/Time: 10/10/2020 6:58:35 PM

Type: Warning Category: 0

Event: 17 Source: Microsoft-Windows-WHEA-Logger

A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Log: 'System' Date/Time: 10/10/2020 6:50:43 PM

Type: Warning Category: 7

Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power

The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

 

Log: 'System' Date/Time: 10/10/2020 6:49:35 PM

Type: Warning Category: 0

Event: 1 Source: rt640x64

Realtek PCIe GBE Family Controller is disconnected from network.

 

Log: 'System' Date/Time: 10/10/2020 6:49:32 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WudfRd failed to load for the device ACPI\INT3400\2&daba3ff&1.

 

Log: 'System' Date/Time: 10/10/2020 5:17:59 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:17:53 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:15:10 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:14:19 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:13:51 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:11:07 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 5:09:52 PM

Type: Warning Category: 0

Event: 17 Source: Microsoft-Windows-WHEA-Logger

A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Log: 'System' Date/Time: 10/10/2020 5:09:52 PM

Type: Warning Category: 0

Event: 17 Source: Microsoft-Windows-WHEA-Logger

A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Log: 'System' Date/Time: 10/10/2020 5:09:50 PM

Type: Warning Category: 0

Event: 1 Source: rt640x64

Realtek PCIe GBE Family Controller is disconnected from network.

 

Log: 'System' Date/Time: 10/10/2020 12:01:39 PM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user DAVIDDELL2\David Jackson SID (S-1-5-21-2490165305-1638453623-257508744-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 11:59:23 AM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.WscBrokerManager  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 11:59:23 AM

Type: Warning Category: 0

Event: 10016 Source: Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  Windows.SecurityCenter.SecurityAppBroker  and APPID  Unavailable  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Log: 'System' Date/Time: 10/10/2020 11:55:58 AM

Type: Warning Category: 7

Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power

The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

 

Log: 'System' Date/Time: 10/10/2020 11:54:50 AM

Type: Warning Category: 0

Event: 1 Source: rt640x64

Realtek PCIe GBE Family Controller is disconnected from network.

 

[RKinner]

It is still showing the same error:

 

Log: 'System' Date/Time: 10/10/2020 6:58:35 PM

Type: Warning Category: 0

Event: 17 Source: Microsoft-Windows-WHEA-Logger

A corrected hardware error has occurred.  Component: PCI Express Root Port Error Source: Advanced Error Reporting (PCI Express)  Primary Bus:Device:Function: 0x0:0x1C:0x5 Secondary Bus:Device:Function: 0x0:0x0:0x0 Primary Device Name:PCI\VEN_8086&DEV_9D15&SUBSYS_08411028&REV_F1 Secondary Device Name:

 

Did the WiFi get turned on again somehow?  Normally this is a separate little circuit board so if you do decide to open up the back you might try removing it.

 

Avira is having some problems so you might try a repair or reinstall of Avira.

[daba]

Hello and thank you. I daren't open the laptop. Once I've sorted out the antivirus I'll check the wireless adapter isn't turned back on. I think I may have inadvertently stumbled on the core issue: residual avira components interfering. I've always used Revo but it didn't fully uninstall everything this time because the default avira uninstaller wouldn't complete the initial uninstall (screenshot). The interwebs are full of disgruntled users who now cannot update Windows 10 at all, due to this. Mine is up to date, I did it yesterday. So I would be very grateful to you if you could assist me in somehow cleaning things up with Avira. I had planned to get rid of it and re-install Panda - or possiby AVG. But since it's still showing the launcher icon in the tray have to now work through this fix: https://support.avir...e-installation-

 

I can't make much sense out of it. There's an immediate problem with those instructions, well several actually. First of all, if I try and follow Start - Control Panel - Folder Options, there is no Folder Options.Second, point 4, delete the Avira Folders: how are you supposed to find them/see them/ know if you have them? Point 8: activate the avira antivirus control box.

 

I also tried updating my Dell drivers. It said they'd found 5 including an urgent BIOS one. I've read that beeps indicates a BIOS issue, could they be connected? Either way, the download just kept downloading for hours with no resolution so I wasn't able to proceed. Help, I think I'm drowning!

[daba]

Forgot the screenshot. Apologies.

Attached Thumbnails

• 

[RKinner]

Their instructions are for Win 7.  To see Win 10 hidden files:

 

http://www.howtogeek...-windows-vista/

 

If you still can't get it then post a new FRST scan and we will see if FRST can remove it.

 

For the Dell drivers it is best to just download one at a time rather than using their bulk downloader.

[daba]

Thanks very much for that. I'll do the drivers tonight and tomorrow try  the avira process. If I can't get it to work I'll post a FRST. Much obliged.

[daba]

Morning (here at least). Thank you for your ongoing support. I appreciate it. So just now there was a Dell notification telling me that Dell Digital Delivery app was not on my system, to download it from Microsoft. It says error at 3% download. Stuck. So that's one thing.

 

Another is that the drivers, some of them, that I installed last night (the installs were confirmed) are today still showing on the drivers to be installed list. I ran the install again and despite saying 'install successful' or however it's worded, they're still on the list. Screenshot attached. So I haven't gotten to the Avira thing yet. But on that subject, a dell notication said neither Defender nor Avira antivirus were running; yet when I click the icon Windows AV IS running. To top it all, the skipping is back with a vengeance. Thank you. Any ideas?

[RKinner]

Let's check your speed:

 

https://www.speedtest.net/

 

Is that about what you pay for?

 

The Dell Digital Delivery app is the bulk downloader.  I prefer not to use it.  If it shows up in your uninstall list try and uninstall it.

 

Perhaps it is time for another FRST scan.

[daba]

Thank you. Pease excuse the typng. Best I can do. Ping 27, D 9.13Mbps U0.55

Dell's OWN driver suggestions for intel hd grapic cardd says incompatible! Beeping lots when I move cursor. When I bought the laptop it came with a pirated  English windows from China (the authentic version is Chinese only so for expats that's what they do), can we check that it's 64 bit? Maybe the system is 32-bit but most normal Dell 3478 Vostros are 64? I don't know.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020

Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (12-10-2020 13:32:47)

Running from C:\Users\David Jackson\Desktop

Loaded Profiles: David Jackson

Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)

Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0359160.inf_amd64_77f1d6913ff60c38\B358802\atiesrxx.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <16>

(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe

(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe

(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe

(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe

(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe

(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe

(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe

(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe

(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe

(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe

(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe

(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe

(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe

(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

(VS Revo Group Ltd. -> VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe

(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe

(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [704720 2020-09-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)

HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2095272 2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\86.1.15.72\Installer\chrmstp.exe [2020-10-07] (Brave Software, Inc. -> Brave Software, Inc.)

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {07206806-A807-414D-921E-5C3716C28B53} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-14] (Mozilla Corporation -> Mozilla Foundation)

Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-08] (Adobe Inc. -> Adobe)

Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {1EC872FD-257A-42A2-A96F-1FE2A48525A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {21502A61-3EEA-4DD4-BEB9-730C9B04E2CE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30106496 2020-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Task: {2D9B5C67-AA2D-4FE1-8F01-EEA440144BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {529BF201-0512-4F97-A595-3A1659566AD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe

Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {8A38CDAD-EF90-4699-B677-E6471EE6F8F7} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {8BBD9E48-D1AD-4C50-9E18-A1023B11A20C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1045976 2020-09-01] (Dell Inc. -> Dell Inc.)

Task: {8E9545BB-8354-41B5-B7EB-2FBE21D68677} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe

Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {9501F0CA-ADFF-4560-8128-A85B9067C8B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {A2E715DF-301D-4D24-868D-15650F4A0840} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)

Task: {DCA8B5F6-E9BC-44A1-B703-96C3D0C61484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)

Task: {E2784EE5-9C34-4A29-B50A-7D4BC89E782E} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)

Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)

Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {F8288A4A-A5E8-414C-9179-FF7E716E29AB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 10.0.0.254

Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254

Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1

 

FireFox:

========

FF DefaultProfile: 58x27176.default-1552496324060

FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-10-04]

FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]

FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]

FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]

FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]

FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-09-02]

FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]

FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]

FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

 

Chrome: 

=======

CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]

CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]

CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]

CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]

CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]

CHR Extension: (Avira Safe Shopping) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-09-10]

CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-09-27]

CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]

CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]

CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]

CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]

CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-10]

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)

R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-10] (Advanced Micro Devices, Inc. -> AMD)

R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)

R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)

R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)

R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)

R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )

R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-10-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)

R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )

R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 AviraSecurity; "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe" [X]

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)

R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-10-12] (Dell Inc. -> )

R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)

U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)

S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)

S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-11] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) ===================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2020-10-12 13:32 - 2020-10-12 13:35 - 000026747 _____ C:\Users\David Jackson\Desktop\FRST.txt

2020-10-12 13:32 - 2020-10-12 13:32 - 002299392 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe

2020-10-12 12:38 - 2020-10-12 12:38 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher

2020-10-12 12:38 - 2020-10-12 12:38 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate

2020-10-12 12:21 - 2020-10-12 12:27 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04 (1).EXE

2020-10-12 12:07 - 2020-10-12 12:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager

2020-10-12 11:54 - 2020-10-12 12:00 - 383118040 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-HD-Graphics-Driver_82KT0_WIN_26.20.100.7263_A04.EXE

2020-10-12 11:51 - 2020-10-12 11:51 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher (1).exe

2020-10-12 11:40 - 2020-10-12 11:41 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33 (1).EXE

2020-10-11 23:21 - 2020-10-11 23:21 - 014363136 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssist-Update-Plugin-Application_VN1DC_WIN_5.2.1.12926_A00.EXE

2020-10-11 23:10 - 2020-10-11 23:10 - 000000000 ____D C:\WINDOWS\{11A89B9C-E4A8-479A-9C38-07489C2FC153}

2020-10-11 23:09 - 2020-10-11 23:10 - 026781280 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Update-Application-for-Windows-10_26GC8_WIN_3.1.3_A00.EXE

2020-10-11 23:07 - 2020-10-11 23:07 - 010339496 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Mobile-Connect-Driver_6YDGY_WIN_3.1_A00.EXE

2020-10-11 23:04 - 2020-10-12 12:54 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services

2020-10-11 23:04 - 2020-10-11 23:04 - 000000000 ____D C:\Program Files (x86)\DummyDir

2020-10-11 23:00 - 2020-10-11 23:02 - 084948256 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE

2020-10-11 22:53 - 2020-10-11 22:53 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk

2020-10-11 22:53 - 2020-10-11 22:53 - 000000000 ____D C:\Program Files\Waves

2020-10-11 22:51 - 2020-10-11 22:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp

2020-10-11 22:47 - 2020-02-17 23:36 - 024942088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 024161688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 024063104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 007272536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2020-10-11 22:47 - 2020-02-17 23:36 - 003793640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe

2020-10-11 22:47 - 2020-02-17 23:36 - 003769296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2020-10-11 22:47 - 2020-02-17 23:36 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 002930048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 001353216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000575080 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000240024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000200600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2020-10-11 22:47 - 2020-02-17 23:36 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

2020-10-11 22:47 - 2020-02-17 23:22 - 038528612 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2020-10-11 22:47 - 2018-01-08 04:04 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat

2020-10-11 22:43 - 2019-12-19 15:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

2020-10-11 22:38 - 2020-10-11 22:54 - 000000000 ___HD C:\Program Files (x86)\Temp

2020-10-11 22:37 - 2020-10-11 22:37 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll

2020-10-11 22:23 - 2020-10-11 22:31 - 490330584 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Realtek-High-Definition-Audio-Driver_MM88C_WIN_6.0.8895.1_A16.EXE

2020-10-11 22:23 - 2020-10-11 22:23 - 012362680 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE

2020-10-11 22:12 - 2020-10-11 22:13 - 097367512 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Intel-Management-Engine-Interface-Driver_V0N4T_WIN_1932.12.0.1298_A03.EXE

2020-10-11 22:12 - 2020-10-11 22:12 - 006705368 _____ C:\Users\David Jackson\Downloads\Vostro_3478_3578_Inspiron_3476_3576_1.10.0.exe

2020-10-11 18:26 - 2020-10-11 18:27 - 000000000 ____D C:\Users\Public\Speedup Sessions

2020-10-11 18:26 - 2020-10-11 18:26 - 000003782 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate

2020-10-11 18:24 - 2020-10-11 18:25 - 004434320 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Downloads\avira_en_sptl1_cbc6c5b27d137256__pavws-spotlight-release.exe

2020-10-11 18:13 - 2020-10-11 18:13 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\David Jackson\Desktop\avira_registry_cleaner_en.exe

2020-10-11 13:12 - 2020-10-11 13:12 - 000000000 ____D C:\Users\David Jackson\Documents\TotalAV

2020-10-11 13:08 - 2020-10-11 13:08 - 000000000 ____D C:\ProgramData\SecuritySuite

2020-10-11 12:55 - 2020-10-11 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira

2020-10-11 12:50 - 2020-10-11 12:50 - 013988288 _____ C:\Users\David Jackson\Downloads\TotalAV_Setup.exe

2020-10-11 00:07 - 2020-10-11 00:07 - 000158535 _____ C:\Users\David Jackson\Downloads\87866-795042.lies-students-hear.pdf

2020-10-10 20:32 - 2020-10-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

2020-10-10 20:29 - 2020-10-10 20:29 - 000000000 _____ C:\WINDOWS\invcol.tmp

2020-10-10 20:28 - 2020-10-10 20:28 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate

2020-10-10 20:27 - 2020-10-10 20:27 - 000000000 ____D C:\Program Files (x86)\Dell

2020-10-10 20:26 - 2020-10-10 20:26 - 000000000 ____D C:\ProgramData\SupportAssist

2020-10-10 20:25 - 2020-10-10 20:25 - 000610384 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\SupportAssistLauncher.exe

2020-10-09 11:22 - 2020-10-09 11:22 - 000003304 _____ C:\WINDOWS\system32\Tasks\StartCNBM

2020-10-08 18:38 - 2020-10-08 18:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate

2020-10-08 18:37 - 2020-10-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software

2020-10-08 18:36 - 2020-10-08 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool

2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe

2020-10-08 18:18 - 2020-09-28 17:28 - 001753712 _____ C:\WINDOWS\system32\vulkaninfo.exe

2020-10-08 18:18 - 2020-09-28 17:28 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.20.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2020-10-08 18:18 - 2020-09-28 17:28 - 001359472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 001047792 _____ C:\WINDOWS\system32\vulkan-1.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000910248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe

2020-10-08 18:18 - 2020-09-28 17:28 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

2020-10-08 18:18 - 2020-09-28 17:28 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 004631664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 004156016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 001783408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 001344624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000761456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe

2020-10-08 18:18 - 2020-09-28 17:27 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe

2020-10-08 18:18 - 2020-09-28 17:27 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe

2020-10-08 18:18 - 2020-09-28 17:27 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe

2020-10-08 18:18 - 2020-09-28 17:27 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000182400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll

2020-10-08 18:18 - 2020-09-28 17:27 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll

2020-10-08 18:18 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll

2020-10-08 18:18 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll

2020-10-08 18:18 - 2020-09-28 16:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap

2020-10-08 18:18 - 2020-09-28 16:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap

2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb

2020-10-08 18:18 - 2020-09-28 16:26 - 000548096 _____ C:\WINDOWS\system32\atiapfxx.blb

2020-10-08 18:18 - 2020-09-23 15:43 - 000510368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe

2020-10-08 18:18 - 2020-09-23 15:43 - 000088992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys

2020-10-08 18:18 - 2020-07-27 08:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys

2020-10-08 18:17 - 2020-09-28 17:27 - 072714352 _____ C:\WINDOWS\system32\amd_comgr.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 060127344 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2020-10-08 18:17 - 2020-09-28 17:27 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000198832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000167912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll

2020-10-08 18:17 - 2020-09-28 17:26 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll

2020-10-08 14:45 - 2020-10-08 14:45 - 002779059 _____ C:\Users\David Jackson\Downloads\i-to-i-tefl-level-5-180-hour-course-guide.pdf

2020-10-02 23:21 - 2020-10-02 23:22 - 103156624 _____ (Dell Inc.) C:\Users\David Jackson\Downloads\Qualcomm-QCA61x4A-QCA9377-WiFi-and-Bluetooth-Driver_4747J_WIN_12.0.0.916_A33.EXE

2020-10-01 11:44 - 2020-10-01 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2020-10-01 11:44 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll

2020-10-01 11:44 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

2020-09-30 20:17 - 2020-09-30 20:17 - 000473751 _____ C:\Users\David Jackson\Desktop\SpeccyNew.txt

2020-09-30 20:15 - 2020-09-30 20:15 - 000473780 _____ C:\Users\David Jackson\Desktop\DAVIDDELL2.txt

2020-09-28 08:40 - 2020-10-12 13:32 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion

2020-09-27 21:44 - 2020-09-27 21:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

2020-09-24 16:31 - 2020-09-24 16:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

2020-09-24 16:31 - 2020-09-24 16:31 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2020-09-23 12:36 - 2020-10-11 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2020-09-23 12:36 - 2020-09-23 12:36 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk

2020-09-23 12:36 - 2020-09-23 12:36 - 000001193 _____ C:\ProgramData\Desktop\Avira.lnk

2020-09-14 13:16 - 2020-09-14 13:16 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Macromedia

2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk

2020-09-14 13:09 - 2020-09-14 13:09 - 000002132 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk

2020-09-14 12:44 - 2020-10-02 23:34 - 000000000 ____D C:\Program Files\Mozilla Firefox

2020-09-14 12:33 - 2019-06-07 13:20 - 000687943 _____ C:\Users\David Jackson\Desktop\Passport scan.pdf

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2020-10-12 13:35 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2020-10-12 13:34 - 2020-01-24 00:15 - 000000000 ____D C:\FRST

2020-10-12 13:09 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2020-10-12 12:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness

2020-10-12 12:40 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps

2020-10-12 12:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration

2020-10-12 12:37 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles

2020-10-12 12:35 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2020-10-12 12:34 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2020-10-12 12:33 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell

2020-10-12 12:27 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps

2020-10-12 12:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF

2020-10-12 12:08 - 2019-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Qualcomm

2020-10-12 11:28 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat

2020-10-12 11:28 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat

2020-10-12 11:28 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat

2020-10-12 11:28 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat

2020-10-12 11:28 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat

2020-10-12 11:28 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat

2020-10-12 11:28 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat

2020-10-12 11:28 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat

2020-10-12 11:28 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2020-10-12 11:27 - 2019-03-13 22:08 - 000000000 ____D C:\Program Files (x86)\Intel

2020-10-12 11:27 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache

2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\ProgramData\Intel

2020-10-12 11:27 - 2018-10-17 11:32 - 000000000 ____D C:\Program Files\Intel

2020-10-12 11:16 - 2018-11-01 14:56 - 000000000 ____D C:\Users\David Jackson\AppData\Local\PlaceholderTileLogoFolder

2020-10-12 10:12 - 2019-10-04 15:22 - 000000000 ____D C:\ProgramData\Dell

2020-10-11 23:22 - 2019-10-08 22:42 - 000000000 ____D C:\Program Files\Dell

2020-10-11 23:08 - 2019-04-27 12:01 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Downloaded Installations

2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2020-10-11 22:53 - 2018-10-17 08:52 - 000000000 ____D C:\WINDOWS\system32\RTCOM

2020-10-11 22:46 - 2019-10-04 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2020-10-11 18:28 - 2020-09-02 22:02 - 000000000 ____D C:\ProgramData\Avira

2020-10-11 18:27 - 2020-09-02 22:02 - 000000000 ____D C:\Program Files (x86)\Avira

2020-10-11 13:06 - 2019-10-08 22:52 - 000000000 ____D C:\ProgramData\PCDr

2020-10-11 12:58 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2020-10-11 12:54 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2020-10-10 20:30 - 2019-10-08 22:43 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Dell Inc

2020-10-10 20:07 - 2019-10-07 12:18 - 000016560 _____ C:\VEW.txt

2020-10-10 18:13 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2020-10-10 12:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

2020-10-09 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF

2020-10-09 11:22 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD

2020-10-08 22:42 - 2020-09-02 22:11 - 000003708 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update

2020-10-08 18:37 - 2020-01-30 14:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN

2020-10-08 18:37 - 2020-01-30 14:14 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR

2020-10-08 18:29 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD

2020-10-08 18:18 - 2020-02-14 10:27 - 000000000 ____D C:\AMD

2020-10-07 20:21 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk

2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk

2020-10-07 20:21 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk

2020-10-06 21:59 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc

2020-10-04 14:19 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla

2020-10-02 23:34 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2020-09-27 21:43 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2020-09-27 18:23 - 2020-09-02 22:12 - 000000000 ____D C:\Users\Public\Security Sessions

2020-09-23 19:57 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2020-09-23 19:57 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk

2020-09-14 13:11 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe

2020-09-14 13:08 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe

 

==================== Files in the root of some directories ========

 

2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences

2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020

Ran by David Jackson (12-10-2020 13:37:13)

Running from C:\Users\David Jackson\Desktop

Windows 10 Home Version 1909 18363.1082 (X64) (2019-08-25 22:15:07)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)

David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson

DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)

defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0

Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.1 - Advanced Micro Devices, Inc.)

Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )

Avira (HKLM-x32\...\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden

Avira (HKLM-x32\...\{f24507a8-a438-4e46-9563-6d53c727bd7e}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden

Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.36.1.29260 - Avira Operations GmbH & Co. KG)

Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden

Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.11017 - Avira Operations GmbH & Co. KG)

Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden

Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 86.1.15.72 - Brave Software Inc)

Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)

Dell Mobile Connect Drivers (HKLM\...\{2D27B76E-8FB1-495B-A61D-FB76349E7E36}) (Version: 3.1.9518 - Screenovate Technologies Ltd.)

Dell SupportAssist (HKLM\...\{CC611DE8-38C7-4650-968E-B973B254E98C}) (Version: 3.7.0.148 - Dell Inc.)

Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden

Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)

f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version:  - f.lux Software LLC)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden

Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel® Corporation)

Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)

Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden

Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden

Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.375 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)

Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden

Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden

Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)

Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)

Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden

Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)

Mozilla Firefox 80.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-US)) (Version: 80.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)

OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)

Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)

Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)

Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)

Skype version 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)

Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)

UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)

Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden

Zoom (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)

 

Packages:

=========

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)

Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]

Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]

Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]

Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)

MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)

PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)

Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-07] (Skype)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]

ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]

HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]

HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]

HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]

HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]

HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]

HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]

HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]

HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]

HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]

HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]

HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]

HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]

HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg

ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default

 

==================== Loaded Modules (Whitelisted) =============

 

2020-04-09 20:11 - 2020-04-09 20:11 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll

2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll

2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll

2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll

2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll

2019-10-18 16:48 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

2018-08-18 22:57 - 2018-08-18 22:57 - 000880128 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll

2018-08-18 22:57 - 2018-08-18 22:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll

2018-08-18 22:57 - 2018-08-18 22:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll

2020-09-01 22:43 - 2020-09-01 22:43 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll

2020-10-10 20:36 - 2020-10-10 20:36 - 001680384 _____ (SQLite Development Team) [File not signed] C:\WINDOWS\TEMP\Costura\1D16C6BEE7EBD5DA54AEC8A9AD8A178A\64\sqlite3.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll

2020-09-09 20:57 - 2020-09-09 20:57 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll

2020-07-27 14:57 - 2020-07-27 14:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

2020-09-09 20:57 - 2020-09-09 20:57 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanmanServer => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanmanWorkstation => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NfsClnt => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SamSs => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NfsClnt => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\simptcp => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]

Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2016-07-16 12:47 - 2019-10-11 16:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

 

2019-09-29 20:13 - 2019-09-29 20:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg

DNS Servers: 10.0.0.254

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIG\Services: AUEPLauncher => 2

HKLM\...\StartupApproved\Run: => "WindowsDefender"

HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{066146B5-2CFD-4617-984F-22B7E8118678}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{C965D675-CDE4-4266-B9DA-A61A2E4A4F42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{35945756-CD93-45B2-A6A1-049CEE154AA7}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [{A725234F-4FD1-4DB7-BE07-94450D19B0EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5077584C-12EC-4C37-B218-57E1B3C68DAC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{6A8A7E34-5E25-4311-8DC5-984F064772DD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [{20A72F54-35A3-4FCA-AF11-82BDB8D7D0B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [{6693D3E3-2768-4BBC-A6D6-2E0E27B38073}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

 

==================== Restore Points =========================

 

08-10-2020 18:00:28 Scheduled Checkpoint

11-10-2020 23:11:30 Installed Dell Update for Windows 10.

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (10/12/2020 12:27:26 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c

Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc

Exception code: 0xc0000005

Fault offset: 0x000000000027be0a

Faulting process id: 0x25e4

Faulting application start time: 0x01d6a08aa8129fc2

Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

Faulting module path: SHELL32.dll

Report Id: 413f0fb4-0b98-4803-af34-90f4603e82b1

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/12/2020 12:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c

Faulting module name: ole32.dll, version: 10.0.18362.1082, time stamp: 0x3340c819

Exception code: 0xc0000005

Fault offset: 0x00000000000a2e22

Faulting process id: 0x2aa8

Faulting application start time: 0x01d6a086f1505db9

Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

Faulting module path: C:\WINDOWS\System32\ole32.dll

Report Id: a9332845-743a-4846-bc90-a0e08f308e0e

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/12/2020 11:52:03 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c

Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc

Exception code: 0xc0000005

Fault offset: 0x000000000027be0a

Faulting process id: 0x1a58

Faulting application start time: 0x01d6a085b5055efd

Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

Faulting module path: SHELL32.dll

Report Id: 9ec83d0d-c5fd-45b8-9f88-948e49f31e62

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/12/2020 11:41:59 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: brave.exe, version: 86.1.15.72, time stamp: 0x5f7b649c

Faulting module name: SHELL32.dll_unloaded, version: 10.0.18362.1049, time stamp: 0x37e737cc

Exception code: 0xc0000005

Fault offset: 0x000000000027be0a

Faulting process id: 0x20b4

Faulting application start time: 0x01d6a0844f8f7f84

Faulting application path: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

Faulting module path: SHELL32.dll

Report Id: 941e2aee-214f-4193-9980-946214db61aa

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (10/12/2020 11:27:00 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAVIDDELL2)

Description: Application or service 'Intel® Dynamic Application Loader Host Interface Service' could not be restarted.

 

Error: (10/12/2020 11:27:00 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAVIDDELL2)

Description: Application or service 'Intel® Management and Security Application Local Management Service' could not be restarted.

 

Error: (10/12/2020 10:44:40 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program SkypeApp.exe version 8.56.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

 

Process ID: 26a4

 

Start Time: 01d6a0780d579265

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe

 

Report Id: 38fa6b73-c85d-4962-aeeb-143a7a427a89

 

Faulting package full name: Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c

 

Faulting package-relative application ID: App

 

Hang type: Quiesce

 

Error: (10/12/2020 10:13:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0

 

 

System errors:

=============

Error: (10/12/2020 12:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AviraSecurity service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (10/12/2020 12:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AviraSecurity service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (10/12/2020 11:48:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AviraSecurity service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (10/12/2020 10:09:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AviraSecurity service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (10/12/2020 10:09:02 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 11:28:39 PM on ‎10/‎11/‎2020 was unexpected.

 

Error: (10/12/2020 10:08:22 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)

Description: 3221225684A fatal error occurred processing the restoration data.

 

Error: (10/11/2020 10:57:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AviraSecurity service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (10/11/2020 10:50:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Downloaded Maps Manager service hung on starting.

 

 

Windows Defender:

===================================

Date: 2020-10-11 13:17:44.423

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.317.1232.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.17400.5

Error code: 0x80070102

Error description: The wait operation timed out. 

 

Date: 2020-09-02 22:21:17.313

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.323.389.0

Previous security intelligence Version: 1.317.1232.0

Update Source: User

Security intelligence Type: AntiSpyware

Update Type: Full

Current Engine Version: 1.1.17400.5

Previous Engine Version: 1.1.17400.5

Error code: 0x80509004

Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-09-02 22:21:17.313

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 1.323.389.0

Previous security intelligence Version: 1.317.1232.0

Update Source: User

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 1.1.17400.5

Previous Engine Version: 1.1.17400.5

Error code: 0x80509004

Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-09-02 22:08:36.628

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.317.1232.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.17400.5

Error code: 0x80070102

Error description: The wait operation timed out. 

 

Date: 2020-09-02 21:56:20.179

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.317.1232.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.17400.5

Error code: 0x80072f8f

Error description: A security error occurred 

 

CodeIntegrity:

===================================

 

Date: 2020-10-11 12:53:22.178

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

Date: 2020-09-30 18:30:03.769

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

Date: 2020-09-08 19:37:46.524

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

==================== Memory info =========================== 

 

BIOS: Dell Inc. 1.10.0 01/09/2020

Motherboard: Dell Inc. 0RKTGR

Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz

Percentage of memory in use: 87%

Total physical RAM: 3960.65 MB

Available physical RAM: 491.85 MB

Total Virtual: 8373.12 MB

Available Virtual: 2631.56 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:100 GB) (Free:19 GB) NTFS

Drive d: () (Fixed) (Total:272 GB) (Free:244.84 GB) NTFS

Drive e: () (Fixed) (Total:272 GB) (Free:240.99 GB) NTFS

Drive f: () (Fixed) (Total:272.88 GB) (Free:265.95 GB) NTFS

 

\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS

\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.13 GB) NTFS

\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.05 GB) NTFS

\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 

Attached Thumbnails

• 
•