Jump to content

Recommended Posts

I have downloaded the Farbar Recovery Scan Tool (x64) V: 23-07-2020.

The first scan showed nothing in the scan tool, and the pop-up box states: Scan completed. FRST.txt is saved in the same directory FRST is located.  I will now click the ok box.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2020
Ran by Admin (administrator) on ADMIN-PC (Dell Inc. Precision M6800) (24-07-2020 08:47:20)
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin
Platform: Windows 10 Pro Version 1909 18363.535 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> ) C:\WINDOWS\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_8.0.7.exe
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\nvwmi64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7953504 2018-05-16] (Intel Corporation -> Motorola Solutions, Inc.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [5549152 2018-09-05] (Intel Corporation -> Intel(R) Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8538872 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [732592 2015-08-19] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238440 2020-05-27] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4071840 2018-12-10] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5417008 2020-05-03] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\hpfppw73: C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll [258048 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP 2454 Status Monitor: C:\Windows\system32\hpinksts2454LM.dll [467256 2019-07-19] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP 5412 Status Monitor: C:\Windows\system32\hpinksts5412LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet Pro 9010 series): C:\Windows\system32\HPDiscoPM2454.dll [988064 2019-07-25] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpf3lw73: C:\Windows\system32\hpf3lw73.dll [48640 2009-07-13] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\...\Authentication\Credential Providers: [{05102259-6b83-447a-b5f0-5bf949283a12}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProvider.dll [2019-11-08] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{0528589e-4107-4900-832f-15fba63714ef}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProviderOU.dll [2019-11-08] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{05a5ed6c-fd84-43dd-86e7-658afd5bd929}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProviderSC.dll [2019-11-08] (Dell Inc -> Dell Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{05102259-6b83-447a-b5f0-5bf949283a12}] -> C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellCredentialProvider.dll [2019-11-08] (Dell Inc -> Dell Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {127717AB-FCDD-400C-94A6-7C1C17F25E47} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {230455D4-8225-4A24-83BB-EE41C44E9282} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104728 2018-05-07] (NVIDIA Corporation -> )
Task: {254EB91B-F688-4DB4-A5B1-BD4A7C1D36D9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28C5A94A-6C19-4F1C-A7A8-12CE607ECF24} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {29E4769F-D7DB-400A-8A4D-DB3756BC908C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2F5E416C-0D8B-48B7-B2E3-C1D60F1AC151} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32E69625-D0FD-41A4-834E-69DBA2C26C53} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {371E86A3-1558-4C69-99DB-7EF87D7FFC30} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {37749E0E-678C-4E67-9A13-F488D7057F9E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {416CA235-B372-4A21-899F-64C8FC7D5032} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A43573F-9AED-4BCC-9401-6DF86D702CCF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59181366-5485-47A8-B656-BB13D2E20C1B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ACC9CEA-6283-430A-800C-8E71F695DAAA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6B30091B-FFD4-430A-B2CC-532641637B63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6F48C1C8-3FDB-4742-804B-BA27CF676273} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70DB2F04-A587-4E30-B3EF-817ECD4F6B40} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {7277F39B-69F4-470C-9E68-A7356AE24F8C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73619F19-49F0-4C61-9CBB-ECB411F2F599} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {757B8CCD-EA75-422F-B541-249B6419C2F0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {79BC9015-C829-4466-A599-62890F5D216E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7D99917C-C8D8-4A07-8695-6CE9237278F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
Task: {7D9D18E1-BB9E-4F94-B925-49325FE6BDAC} - System32\Tasks\ScanToPCActivationApp.exe_{54F2F262-E443-4B89-9778-470CC3520E46} => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4071840 2018-12-10] (HP Inc -> HP Inc.)
Task: {8256F49A-06B9-4C3F-9C23-BAE79A061193} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {845CCA88-E8EE-4DF1-8A11-4CC2203FAB2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {8B8AE304-597A-404C-9AF4-F99876520B80} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {8C270B89-777C-4110-BC6D-282C634619CC} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8D0CC3E7-3982-4904-9054-06A3543E221F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8D6E259A-2E25-4B5C-A3CC-CC7461047DFD} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {8E2A443A-BD1E-4E77-B88C-EB701334A629} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-14] (Adobe Inc. -> Adobe)
Task: {8E5A992D-896E-41B5-A7CE-FC06E0CA6CA5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8F2C05A9-7B8F-47DB-8762-74DC8E3DD25A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {91F63CCF-B67F-48D8-B380-9BD0DE4455A1} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {99F9128E-BC2F-4761-827A-7EB66252B4F5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {9A89E04A-8F6F-4261-AFE3-A83FB3A24E70} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {9D3F60E6-2E5E-43F8-95D2-15991A4DE7BF} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 9010 series => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPCustPartic.exe [6692256 2019-07-25] (HP Inc -> HP Inc.)
Task: {A4AC5C98-DC11-4C44-B3B0-FF139822C5FF} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe
Task: {A9208082-CC8A-4C9C-812D-F851E5360968} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {AAB44736-F727-4F57-A5C4-6FA4BC685320} - System32\Tasks\WpsExternal_Admin_20200617083151 => E:\wpsDOWNLOAD\WPS Office\11.2.0.9431\office6\wps.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B268FDEB-691F-470D-BD2C-D0456AFDD192} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {B7F24E95-CB93-4DED-BEC0-E81386E0C206} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B8D2E7F7-232B-4374-AD79-6C89012E4EC0} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {BB68AF4F-C923-45C3-BBFE-1594CC565768} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {C8F697FE-2825-472B-B5E6-55C2324E2687} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE994942-E903-4865-9D33-1E8CB8B6607C} - System32\Tasks\WpsUpdateTask_Admin => E:\wpsDOWNLOAD\WPS Office\11.2.0.9431\office6\wpsupdate.exe
Task: {F04197E4-093F-439D-8A4F-E9684FCF4BED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2CA0FD5-9B6B-417C-B95C-F7544E08D10B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FEDE4907-C650-4DDF-9020-A78CB0794DCF} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2224D229-2FED-4CB7-9DE5-88CBFC62606C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C37E3A45-6852-46B2-834D-CAB56FE663C1}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mozilla%20firefox%20start%20page/
HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
Toolbar: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FireFox:
========
FF DefaultProfile: 82xw3h06.default-1587058598624
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dx9qsax3.App [2020-01-03]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dx9qsax3.App\Extensions\sp@avast.com.xpi [2020-01-03]
FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dx9qsax3.App\Extensions\wrc@avast.com.xpi [2020-01-03]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624 [2020-07-24]
FF Notifications: Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624 -> hxxps://www.instagram.com
FF Extension: (Facebook Container) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\@contain-facebook.xpi [2020-04-16]
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\adblockultimate@adblockultimate.net.xpi [2020-07-17]
FF Extension: (Copy PlainText) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\copyplaintext@eros.man.xpi [2020-06-09]
FF Extension: (Enhancer for YouTube™) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-04-16]
FF Extension: (Webmail Ad Blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\gmailnoads@mywebber.com.xpi [2020-04-16]
FF Extension: (HTTPS Everywhere) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\https-everywhere@eff.org.xpi [2020-05-21]
FF Extension: (Google search link fix) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-06-12]
FF Extension: (Decentraleyes) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-04-16]
FF Extension: (Privacy Badger) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-07-22]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\uBlock0@raymondhill.net.xpi [2020-07-22]
FF Extension: (uBO-Scope) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\uBO-Scope@raymondhill.net.xpi [2020-04-16]
FF Extension: (Cookie Cleaner (Cookie Eraser)) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\{22b80bb1-c181-4870-8fc0-951f6966b703}.xpi [2020-06-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-07-24]
FF Extension: (Zoom Scheduler) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2020-07-09]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-07-23]
FF Extension: (Unpaywall) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\82xw3h06.default-1587058598624\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2020-04-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3455536 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [294448 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{98869CF3-72F1-434B-A2A4-29D2E8B0D594} [21304 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{98869CF3-72F1-434B-A2A4-29D2E8B0D594} [21304 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S4 DellAuthService.exe; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DellAuthService.exe [2790584 2019-11-08] (Dell Inc -> Dell Inc.)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe [22200 2019-11-08] (Dell Inc -> )
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe [40632 2019-11-08] (Dell Inc -> Dell Inc.)
R3 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe [52408 2019-11-08] (Dell Inc -> Dell)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-12-22] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-06-30] (Malwarebytes Inc -> Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4399224 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2020-07-23] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.6-0\NisSrv.exe [2169576 2020-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.6-0\MsMpEng.exe [128376 2020-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [X]
S2 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S3 wpscloudsvr; "E:\wpsDOWNLOAD\WPS Office\wpscloudsvr.exe" LocalService [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [65248 2016-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\System32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_63a4db11c926c9ab\e1d68x64.sys [606672 2019-08-06] (Intel(R) INTELND1820 -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-07-22] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197264 2020-07-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-07-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-07-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-07-24] (Malwarebytes Inc -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2019-03-18] (Microsoft Windows -> Intel Corporation)
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [228024 2015-05-21] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 POADrvr; C:\WINDOWS\System32\drivers\POADrvr.sys [31552 2017-02-20] (Techporch Incorporated -> Dell Computer Corporation)
R0 SEDFilter; C:\WINDOWS\System32\DRIVERS\SEDFilter.sys [240304 2019-11-08] (Dell Inc -> Dell Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-07-18] (Intel Corporation -> )
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78232 2020-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430312 2020-07-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98544 2020-07-22] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
S3 PCDSRVC{37C877D3-EA85C116-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.7106.1402\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-24 08:47 - 2020-07-24 08:47 - 000033172 _____ C:\Users\Admin\Downloads\FRST.txt
2020-07-24 08:45 - 2020-07-24 08:45 - 002294784 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2020-07-24 08:10 - 2020-07-24 08:10 - 000197264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-07-24 08:10 - 2020-07-24 08:10 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-07-24 08:10 - 2020-07-24 08:10 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-07-24 08:10 - 2020-07-24 08:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-23 21:08 - 2020-07-23 21:08 - 000000000 ____D C:\Program Files\Waves
2020-07-23 21:07 - 2020-07-23 21:07 - 000003218 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2020-07-23 21:07 - 2016-03-01 23:45 - 013243904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 003309264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 002988768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 002047000 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001773888 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001416832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001372528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001231248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001183360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 001015608 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000930848 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000784304 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000693024 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000657304 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000591640 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000422432 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000355496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000333288 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000333288 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000205640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000084056 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2020-07-23 21:07 - 2016-03-01 23:45 - 000079304 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2020-07-23 21:07 - 2016-03-01 23:44 - 072130584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-07-23 21:07 - 2016-03-01 23:44 - 003709056 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2020-07-23 21:07 - 2016-03-01 23:44 - 002955000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-07-23 21:07 - 2016-03-01 23:44 - 002602744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTDVHD64.sys
2020-07-23 21:07 - 2016-03-01 23:44 - 001848056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-07-23 21:07 - 2016-03-01 23:44 - 001579248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTDSnM64.cpl
2020-07-23 21:07 - 2016-03-01 23:44 - 000179960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2020-07-23 21:07 - 2016-03-01 23:44 - 000156408 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2020-07-23 21:07 - 2016-03-01 23:44 - 000032400 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-07-23 21:07 - 2015-09-30 10:22 - 000002236 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-07-23 21:02 - 2020-07-23 21:04 - 236563720 _____ (Dell Inc.) C:\Users\Admin\Downloads\Audio_Driver_DFR6K_WN32_6.0.1.6098_A12(1).EXE
2020-07-23 20:58 - 2020-07-23 20:58 - 000645304 _____ (Dell Inc.) C:\Users\Admin\Downloads\SupportAssistLauncher(1).exe
2020-07-23 20:51 - 2020-07-23 20:51 - 028064096 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup569(4).exe
2020-07-23 11:52 - 2020-07-23 11:52 - 000000793 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner_8.0.7.lnk
2020-07-23 11:46 - 2020-07-23 11:46 - 008414384 _____ (Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_8.0.7.exe
2020-07-23 11:41 - 2020-07-23 21:07 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-07-23 11:40 - 2019-12-12 16:37 - 000026408 _____ C:\WINDOWS\EvtMessage.dll
2020-07-23 11:37 - 2020-07-24 08:27 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-07-23 11:37 - 2020-07-23 11:37 - 000000000 ____D C:\Program Files (x86)\DummyDir
2020-07-23 11:35 - 2020-07-23 11:36 - 084948256 _____ (Dell Inc.) C:\Users\Admin\Downloads\Dell-Alienware-Digital-Delivery-Application_9MRKW_WIN_4.0.52.0_A17.EXE
2020-07-23 11:35 - 2015-12-10 22:57 - 002825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2020-07-23 11:32 - 2020-07-23 11:34 - 236563720 _____ (Dell Inc.) C:\Users\Admin\Downloads\Audio_Driver_DFR6K_WN32_6.0.1.6098_A12.EXE
2020-07-23 11:32 - 2020-07-23 11:32 - 012362680 _____ (Dell Inc.) C:\Users\Admin\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09(1).EXE
2020-07-23 11:31 - 2020-07-23 11:31 - 000003738 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-07-23 11:30 - 2020-07-23 11:31 - 118087992 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Driver_4J8MX_WN32_11.7.0.1035_A00_07(1).EXE
2020-07-23 11:29 - 2020-07-23 11:29 - 012362680 _____ (Dell Inc.) C:\Users\Admin\Downloads\Intel-Chipset-Device-Software_5MPRF_WIN_10.1.18121.8164_A09.EXE
2020-07-23 11:27 - 2020-07-23 11:27 - 118087992 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Driver_4J8MX_WN32_11.7.0.1035_A00_07.EXE
2020-07-23 11:26 - 2020-07-23 11:26 - 011366464 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Driver_64GG6_WN32_10.1.1.8_A01.EXE
2020-07-23 11:25 - 2020-07-23 11:25 - 036037008 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Driver_CP3V3_WN32_4.10.67_A00.EXE
2020-07-23 11:24 - 2020-07-23 11:24 - 020388976 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Driver_FFXJM_WN32_3.0.8.52_A00.EXE
2020-07-23 11:23 - 2020-07-23 11:23 - 063285160 _____ (Dell Inc.) C:\Users\Admin\Downloads\Chipset_Application_PRRRC_WN_9.5.14.1724_A01.EXE
2020-07-23 11:21 - 2020-07-23 11:21 - 093937248 _____ (Dell Inc.) C:\Users\Admin\Downloads\Dell-Touchpad-Driver_18D77_WIN_10.3201.101.215_A08.EXE
2020-07-23 11:20 - 2020-07-23 11:20 - 030363056 _____ (Dell Inc.) C:\Users\Admin\Downloads\Intel-PCIe-Ethernet-Controller-Driver_VP20T_WIN_24.1.0.0_A13_01.EXE
2020-07-23 11:19 - 2020-07-23 11:19 - 030880384 _____ (Dell Inc.) C:\Users\Admin\Downloads\Intel-9x60-826x-7265-3165-7260-Bluetooth-Legacy-Driver_PDYP9_WIN_20.60.0_A22.EXE
2020-07-23 11:18 - 2020-07-23 11:18 - 008404888 _____ (Dell Inc.) C:\Users\Admin\Downloads\Network_Driver_RN8CN_WN32_1.4.4_A01_01.EXE
2020-07-23 11:16 - 2020-07-23 11:17 - 224214408 _____ (Dell Inc.) C:\Users\Admin\Downloads\Network_Driver_MHJ5D_WN32_18.33.0.2_A19.EXE
2020-07-23 11:14 - 2020-07-23 11:15 - 026625368 _____ C:\Users\Admin\Downloads\Network_DIAG_Intel_A00_WIN_X64_2WRW9-SETUP_ZPE.exe
2020-07-23 11:10 - 2020-07-23 11:11 - 000000000 ____D C:\SeaTemp
2020-07-23 11:08 - 2020-07-23 11:08 - 049455056 _____ C:\Users\Admin\Downloads\Kahuna V_ZPE.exe
2020-07-23 11:07 - 2020-07-23 11:22 - 000000000 ____D C:\WINDOWS\LastGood
2020-07-23 11:07 - 2020-07-23 11:07 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2020-07-23 11:04 - 2020-07-23 11:06 - 223589592 _____ (Dell Inc.) C:\Users\Admin\Downloads\Intel-HD-Graphics-4000-5000-500-P500-series-Driver_WWW9Y_WIN_20.19.15.5063_A10_01.EXE
2020-07-23 11:03 - 2020-07-23 11:03 - 000000000 ____D C:\WINDOWS\{F831F06C-1206-41A5-96C6-1C0A6F7C2DCE}
2020-07-23 11:02 - 2020-07-23 11:03 - 024362336 _____ (Dell Inc.) C:\Users\Admin\Downloads\System-Utilities_Application_0X5N4_WN32_2.1.1.EXE
2020-07-23 11:02 - 2020-07-23 11:02 - 018341168 _____ (Dell Inc.) C:\Users\Admin\Downloads\Serial-ATA_Driver_6H7TV_WN64_14.5.0.1081_A00.EXE
2020-07-23 11:01 - 2020-07-23 11:01 - 027466104 _____ (Dell Inc.) C:\Users\Admin\Downloads\Serial-ATA_Driver_1YT2G_WN32_14.5.0.1081_A00.EXE
2020-07-23 11:00 - 2020-07-23 11:00 - 021484408 _____ (Dell Inc.) C:\Users\Admin\Downloads\Dell-Command-Update-Application_68GJ6_WIN_3.1.2_A00.EXE
2020-07-23 11:00 - 2020-07-23 11:00 - 000000000 ____D C:\WINDOWS\{7DA24A28-C923-41B7-A761-BD12300E8634}
2020-07-23 10:59 - 2020-07-23 10:59 - 000002433 _____ C:\Users\Public\Desktop\Dell Data Security Console.lnk
2020-07-23 10:59 - 2020-07-23 10:59 - 000002433 _____ C:\ProgramData\Desktop\Dell Data Security Console.lnk
2020-07-23 10:59 - 2020-07-23 10:59 - 000000000 ____D C:\WINDOWS\system32\update
2020-07-23 10:59 - 2019-11-08 11:56 - 000240304 _____ (Dell Inc.) C:\WINDOWS\system32\Drivers\SEDFilter.sys
2020-07-23 10:52 - 2020-07-23 10:54 - 423856746 _____ C:\Users\Admin\Downloads\Dell-Encryption-10.5.0.1.zip
2020-07-23 10:44 - 2020-07-23 10:59 - 000000576 _____ C:\WINDOWS\SysWOW64\PasswordPolicyCheck.txt
2020-07-23 10:44 - 2020-07-23 10:46 - 000000000 ____D C:\ProgramData\Security Innovation
2020-07-23 10:40 - 2020-07-23 10:42 - 369839617 _____ C:\Users\Admin\Downloads\STInstaller-1.12.0.21.zip
2020-07-23 10:11 - 2020-07-23 11:43 - 000465600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-23 10:06 - 2020-07-23 10:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-07-23 09:47 - 2020-07-23 09:47 - 010163952 _____ C:\Users\Admin\Desktop\M6800A26.exe
2020-07-23 09:20 - 2020-07-23 09:20 - 028064096 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup569(3).exe
2020-07-23 08:39 - 2020-07-23 08:39 - 000645304 _____ (Dell Inc.) C:\Users\Admin\Downloads\SupportAssistLauncher.exe
2020-07-23 08:25 - 2020-07-23 08:26 - 000000000 ____D C:\Users\Admin\Downloads\Intel SSD Toolbox-v3.5.14
2020-07-23 08:23 - 2020-07-23 08:27 - 000000022 _____ C:\Users\Admin\Downloads\Intel SSD Toolbox-v3.5.14.zip
2020-07-23 08:14 - 2020-07-23 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Processor Diagnostic Tool 64bit
2020-07-23 08:14 - 2020-07-23 08:14 - 000000000 ____D C:\Program Files\Intel Corporation
2020-07-23 08:13 - 2020-07-23 08:13 - 009994876 _____ () C:\Users\Admin\Downloads\IPDT_Installer_4.1.4.36_64bit.exe
2020-07-22 21:47 - 2020-07-22 21:47 - 028064096 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup569(2).exe
2020-07-22 20:31 - 2020-07-22 20:31 - 028064096 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup569(1).exe
2020-07-22 11:02 - 2020-07-22 11:02 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-07-22 11:02 - 2020-07-22 11:02 - 000216056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-07-21 08:29 - 2020-07-21 08:29 - 028064096 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup569.exe
2020-07-19 09:40 - 2020-07-19 09:41 - 275281923 _____ C:\Users\Admin\Downloads\Transfer(3).zip
2020-07-17 21:26 - 2020-07-17 21:26 - 000000227 _____ C:\Users\Admin\Desktop\U-pick Farm United States Cloverfield Organic Farm.URL
2020-07-16 18:51 - 2020-07-16 18:54 - 663624249 _____ C:\Users\Admin\Downloads\dnb1999-07-05.flac16.zip
2020-07-16 18:42 - 2020-07-16 18:43 - 174519190 _____ C:\Users\Admin\Downloads\HB2014-09-30.zip
2020-07-16 18:29 - 2020-07-16 18:33 - 720065292 _____ C:\Users\Admin\Downloads\dnb2002-07-24.flac16.zip
2020-07-16 18:19 - 2020-07-16 18:23 - 811989165 _____ C:\Users\Admin\Downloads\dnb2002-06-28.flac16.zip
2020-07-16 18:14 - 2020-07-16 18:16 - 463824601 _____ C:\Users\Admin\Downloads\dnb2000-05-12.flac16.zip
2020-07-16 17:49 - 2020-07-16 17:54 - 773059168 _____ C:\Users\Admin\Downloads\dnb2000-07-13.flac16.zip
2020-07-16 17:39 - 2020-07-16 17:43 - 761369378 _____ C:\Users\Admin\Downloads\MK2014-09-30.zip
2020-07-16 17:17 - 2020-07-16 17:22 - 795504669 _____ C:\Users\Admin\Downloads\PP2016-03-23.PurimParadigm2016-03-23.flac16.zip
2020-07-16 17:13 - 2020-07-16 17:15 - 386549837 _____ C:\Users\Admin\Downloads\GreggsEggs2000-08-13.nak300.miller.113766.flac16.zip
2020-07-16 16:53 - 2020-07-16 16:56 - 506573785 _____ C:\Users\Admin\Downloads\greggseggs2001-08-09._sbd.flac16.zip
2020-07-15 23:11 - 2020-06-29 21:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-15 23:11 - 2020-06-29 21:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-15 16:45 - 2020-07-15 16:46 - 202005725 _____ C:\Users\Admin\Downloads\Transfer(2).zip
2020-07-15 15:40 - 2020-07-15 15:46 - 1037281153 _____ C:\Users\Admin\Downloads\gd1977-12-29.133042.aud.troy-smith.flac16.zip
2020-07-15 14:48 - 2020-07-15 14:54 - 864617283 _____ C:\Users\Admin\Downloads\lf2003-07-01.sbd.miller.110252.flac16.zip
2020-07-15 14:30 - 2020-07-15 14:36 - 1192402576 _____ C:\Users\Admin\Downloads\zero2000-11-10.116356.beyer.flac.zip
2020-07-15 14:12 - 2020-07-15 14:17 - 907863228 _____ C:\Users\Admin\Downloads\zero1998-05-07.mg300.abramson.miller.xxxxx.flac16.zip
2020-07-15 13:41 - 2020-07-15 13:47 - 1045305822 _____ C:\Users\Admin\Downloads\zero1999-04-10.beyer.flacf.zip
2020-07-15 13:30 - 2020-07-15 13:33 - 575447222 _____ C:\Users\Admin\Downloads\zero1999-04-10s2sbd.zip
2020-07-15 13:11 - 2020-07-15 13:15 - 914583850 _____ C:\Users\Admin\Downloads\zero1993-04-23.matrix.flac16.zip
2020-07-15 12:56 - 2020-07-15 13:05 - 1331801680 _____ C:\Users\Admin\Downloads\zero2000-11-11.zip
2020-07-15 12:43 - 2020-07-15 12:49 - 909820345 _____ C:\Users\Admin\Downloads\zero1998-05-24.m300.flac16.zip
2020-07-15 12:38 - 2020-07-15 12:39 - 166838629 _____ C:\Users\Admin\Downloads\zero1988-07-16sbd.zip
2020-07-15 12:21 - 2020-07-15 12:25 - 584588267 _____ C:\Users\Admin\Downloads\dnb2001-06-15.zip
2020-07-15 12:15 - 2020-07-15 12:17 - 384979096 _____ C:\Users\Admin\Downloads\nrps1972-06-17.shure.melton.miller.116338.flac16.zip
2020-07-15 12:07 - 2020-07-15 12:12 - 847597701 _____ C:\Users\Admin\Downloads\lf2002-08-22.sbd.miller-ford.108241.sbeok.flac16.zip
2020-07-15 11:59 - 2020-07-15 12:00 - 265972609 _____ C:\Users\Admin\Downloads\LosLobos1989-05-27.sbd.flac16.zip
2020-07-15 11:45 - 2020-07-15 11:48 - 546759502 _____ C:\Users\Admin\Downloads\LosLobos1988-07-31LagunaSeca-Montereyca.zip
2020-07-15 11:07 - 2020-07-15 11:10 - 507922555 _____ C:\Users\Admin\Downloads\LosLobos2001-07-13.fm.vgrm493.flac16.zip
2020-07-15 11:01 - 2020-07-15 11:03 - 243289734 _____ C:\Users\Admin\Downloads\loslobos1996-07-07.litz.sbd.flac16.zip
2020-07-15 10:56 - 2020-07-15 10:58 - 465646060 _____ C:\Users\Admin\Downloads\loslobos1998-05-22.litz.sbd.flac16.zip
2020-07-15 10:39 - 2020-07-15 10:43 - 750993712 _____ C:\Users\Admin\Downloads\llb2011-07-31.akg460ck8.flac24.zip
2020-07-15 09:38 - 2020-07-15 09:42 - 691724927 _____ C:\Users\Admin\Downloads\lf1988-09-22.sbd.cafiero.134862.sbeok.flac16.zip
2020-07-15 09:25 - 2020-07-15 09:29 - 574504148 _____ C:\Users\Admin\Downloads\lf1975-05-23.sbd.38f.83545.sbeok.flac16.zip
2020-07-15 09:19 - 2020-07-15 09:21 - 259339113 _____ C:\Users\Admin\Downloads\lf1976-05-31.sbd.unknown.127223.sbeok.flac16.zip
2020-07-15 09:11 - 2020-07-15 09:13 - 308432752 _____ C:\Users\Admin\Downloads\lf1973-03-20.sbd.bluebomber.120003.sbeok.flac16.zip
2020-07-15 08:59 - 2020-07-15 09:00 - 237605928 _____ C:\Users\Admin\Downloads\lf1973-04-01.sbd.goody.cronin.smith.131378.sbeok.flac16.zip
2020-07-15 08:48 - 2020-07-15 08:51 - 488929096 _____ C:\Users\Admin\Downloads\lf1977-08-02.sbd.135985.sbeok.flac16(1).zip
2020-07-15 08:37 - 2020-07-15 08:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2020-07-15 08:37 - 2020-07-15 08:37 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-14 23:18 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-07-14 23:18 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-07-14 17:03 - 2020-07-14 17:22 - 3283414669 _____ C:\Users\Admin\Downloads\ymsb2011-04-10.taperjeff.akg483-v3.flac24.zip
2020-07-14 16:50 - 2020-07-14 16:54 - 835793553 _____ C:\Users\Admin\Downloads\ymsb2008-10-16.mtx.95487.flac16.zip
2020-07-14 16:25 - 2020-07-14 16:36 - 2255852029 _____ C:\Users\Admin\Downloads\ymsb2013-08-01.dpa.4023.flac24.zip
2020-07-14 16:16 - 2020-07-14 16:18 - 456016946 _____ C:\Users\Admin\Downloads\ymsb2012-07-20.zip
2020-07-14 15:46 - 2020-07-14 16:07 - 2869501917 _____ C:\Users\Admin\Downloads\YonderMountainStringBand2013-08-03.Nak300CP4.Keo.Flac2496.zip
2020-07-14 15:24 - 2020-07-14 15:29 - 892599288 _____ C:\Users\Admin\Downloads\ymsb2002-04-20.flac16.sbd.zip
2020-07-14 14:58 - 2020-07-14 15:04 - 1357566135 _____ C:\Users\Admin\Downloads\sci2017-08-06.SonyPCM-D50_24x48.zip
2020-07-14 14:12 - 2020-07-14 14:16 - 959834627 _____ C:\Users\Admin\Downloads\sci1997-10-01.flac.zip
2020-07-14 13:37 - 2020-07-14 13:49 - 2195323255 _____ C:\Users\Admin\Downloads\sci2006-09-16.flac24.zip
2020-07-14 13:23 - 2020-07-14 13:30 - 1150047330 _____ C:\Users\Admin\Downloads\sci2001-03-10.mtx.miller.110384.flac16.zip
2020-07-14 13:14 - 2020-07-14 13:17 - 711233995 _____ C:\Users\Admin\Downloads\sci1998-09-03.sbd.shnf.zip
2020-07-14 12:28 - 2020-07-14 12:39 - 2102879108 _____ C:\Users\Admin\Downloads\los2013-09-19.tlm170.flac24.zip
2020-07-14 12:13 - 2020-07-14 12:19 - 1124303728 _____ C:\Users\Admin\Downloads\LoS2011-12-30.flac2448.zip
2020-07-14 12:05 - 2020-07-14 12:06 - 179857330 _____ C:\Users\Admin\Downloads\LoS2011-02-26.mtx.teamdrink.112845.flac24.zip
2020-07-14 11:54 - 2020-07-14 11:58 - 744274366 _____ C:\Users\Admin\Downloads\LoS1999-05-27.sbd.teamdrink.flac16.zip
2020-07-14 11:19 - 2020-07-14 11:24 - 968757739 _____ C:\Users\Admin\Downloads\dtb2008-07-12.ka500.603a.722.flac24.zip
2020-07-14 10:58 - 2020-07-14 11:04 - 969409932 _____ C:\Users\Admin\Downloads\Dawes2010-11-13.matrix2448.zip
2020-07-14 10:38 - 2020-07-14 10:43 - 1034818353 _____ C:\Users\Admin\Downloads\Dawes2016-04-15.EarthworksTC25.SBD.flac24.zip
2020-07-14 08:45 - 2020-07-14 08:45 - 009585208 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-07-13 08:13 - 2020-07-13 08:13 - 009158192 _____ C:\Users\Admin\Downloads\mb-support-1.6.2.802.exe
2020-07-13 08:13 - 2020-07-13 08:13 - 002292736 _____ (Farbar) C:\Users\Admin\Downloads\FRSTEnglish.exe
2020-07-12 18:54 - 2020-07-12 18:55 - 017770112 _____ C:\Users\Admin\Downloads\Transfer(1).zip
2020-07-11 23:22 - 2020-07-11 23:22 - 000000407 _____ C:\Users\Admin\Desktop\Internet Archive Search Engine.URL
2020-07-11 23:15 - 2020-07-11 23:19 - 798955082 _____ C:\Users\Admin\Downloads\dnb2000-01-01.flac16.zip
2020-07-11 23:00 - 2020-07-11 23:03 - 448707402 _____ C:\Users\Admin\Downloads\dnb2004-05-14.shnf.zip
2020-07-11 22:54 - 2020-07-11 22:57 - 409216819 _____ C:\Users\Admin\Downloads\dnb1997-10-26.139316.dsbd.ONT.flac16.zip
2020-07-11 22:39 - 2020-07-11 22:43 - 849077833 _____ C:\Users\Admin\Downloads\Dawes2011-03-13.zip
2020-07-11 22:21 - 2020-07-11 22:24 - 426918287 _____ C:\Users\Admin\Downloads\dawes2017-08-22.skm140.sunboy.flac24.zip
2020-07-11 21:58 - 2020-07-11 22:10 - 1799184815 _____ C:\Users\Admin\Downloads\soulive2012-03-06.mk21.flac24.zip
2020-07-11 21:33 - 2020-07-11 21:50 - 3334040808 _____ C:\Users\Admin\Downloads\soulive2012-03-10.mk21.flac24.zip
2020-07-11 21:15 - 2020-07-11 21:23 - 1328208135 _____ C:\Users\Admin\Downloads\Soulive2018-03-03.sbd.matrix.cafiero.flac16.zip
2020-07-11 20:43 - 2020-07-11 20:57 - 2740528949 _____ C:\Users\Admin\Downloads\soulive2019-07-11.cmc621.cmc641vxt.sbd.matrix.flac24.zip
2020-07-11 20:10 - 2020-07-11 20:29 - 3627830164 _____ C:\Users\Admin\Downloads\soulive2019-07-18.cmc621.cmc641vxt.sbd.matrix.flac24.zip
2020-07-11 19:52 - 2020-07-11 19:56 - 714286458 _____ C:\Users\Admin\Downloads\soulive2020-02-15.akgc426ck8.zip
2020-07-11 19:44 - 2020-07-11 19:47 - 731353554 _____ C:\Users\Admin\Downloads\soulive2020-02-15.ck8-24.zip
2020-07-09 10:37 - 2020-07-22 08:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Zoom
2020-07-09 10:37 - 2020-07-09 10:37 - 012825200 _____ (Zoom Video Communications, Inc.) C:\Users\Admin\Downloads\ZoomInstaller.exe
2020-07-09 08:49 - 2020-07-09 08:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-09 08:44 - 2020-07-10 07:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-09 08:36 - 2020-07-09 08:36 - 008420016 _____ (Malwarebytes) C:\Users\Admin\Downloads\adwcleaner_8.0.6.exe
2020-07-07 21:36 - 2020-07-07 21:41 - 975862688 _____ C:\Users\Admin\Downloads\GOE2018-08-24.GOE2018-08-24.flac16.zip
2020-07-07 21:20 - 2020-07-07 21:24 - 941711021 _____ C:\Users\Admin\Downloads\GOE2011-12-16.flac16.zip
2020-07-07 21:04 - 2020-07-07 21:06 - 498022833 _____ C:\Users\Admin\Downloads\dnb2002-06-25.flac16.zip
2020-07-07 20:58 - 2020-07-07 21:00 - 499513255 _____ C:\Users\Admin\Downloads\dnb2002-08-24.matrix.lund.29007.sbeok.flac16.zip
2020-07-07 20:50 - 2020-07-07 20:53 - 450693201 _____ C:\Users\Admin\Downloads\dnb2002-06-22.flac16.zip
2020-07-07 20:37 - 2020-07-07 20:41 - 789807778 _____ C:\Users\Admin\Downloads\dnb2001-08-04.flac16.zip
2020-07-07 20:29 - 2020-07-07 20:33 - 559170726 _____ C:\Users\Admin\Downloads\dnb2001-11-02.flac16.zip
2020-07-07 20:19 - 2020-07-07 20:23 - 562604959 _____ C:\Users\Admin\Downloads\dnb2001-12-30.flac16.zip
2020-07-07 20:11 - 2020-07-07 20:13 - 266905302 _____ C:\Users\Admin\Downloads\dnb2001-12-31.sbd.selleseth.flac16.zip
2020-07-07 20:01 - 2020-07-07 20:02 - 231820732 _____ C:\Users\Admin\Downloads\dnb1999-07-18.flac16.zip
2020-07-07 19:54 - 2020-07-07 19:56 - 306687570 _____ C:\Users\Admin\Downloads\dnb1999-07-09.flac16.zip
2020-07-07 19:22 - 2020-07-07 19:25 - 556822671 _____ C:\Users\Admin\Downloads\nms2005-07-02.tlm170.flac16-48.zip
2020-07-07 18:57 - 2020-07-07 19:02 - 839841905 _____ C:\Users\Admin\Downloads\bfft2003-11-28.sbd.flac16.zip
2020-07-07 18:38 - 2020-07-07 18:41 - 497774684 _____ C:\Users\Admin\Downloads\Bela_Fleck_and_the_Flecktones_High_Sierra_Main_Stage_2006-07-01.zip
2020-07-07 18:22 - 2020-07-07 18:27 - 792557991 _____ C:\Users\Admin\Downloads\bfft1991-08-18.cm300s.flac16.zip
2020-07-07 16:44 - 2020-07-07 17:19 - 768459766 _____ C:\Users\Admin\Downloads\gd1981-12-31.143777.5-1.tobin.flac1648.zip
2020-07-07 08:31 - 2020-07-07 08:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-07 08:30 - 2020-07-07 08:30 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-02 07:04 - 2020-07-02 07:04 - 000000233 _____ C:\Users\Admin\Desktop\Walmart Grocery - Reserve a Time.URL
2020-07-01 08:20 - 2020-07-01 08:20 - 000098857 _____ C:\Users\Admin\Desktop\Lee's Burn Pile Additions.pdf
2020-06-30 09:30 - 2020-06-30 09:30 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-24 08:47 - 2019-12-19 11:11 - 000000000 ____D C:\FRST
2020-07-24 08:20 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-24 08:20 - 2017-12-13 10:51 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-24 08:15 - 2020-01-04 14:38 - 000937380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-24 08:15 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-24 08:11 - 2017-12-14 15:58 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2020-07-24 08:10 - 2020-01-04 14:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-24 08:10 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-24 08:10 - 2017-12-13 13:36 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2020-07-24 08:10 - 2017-12-13 12:23 - 000000000 ____D C:\ProgramData\NVIDIA
2020-07-24 07:49 - 2018-07-14 08:26 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2020-07-24 07:43 - 2019-12-10 12:37 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-24 07:43 - 2017-12-13 10:51 - 000000000 ____D C:\ProgramData\Dell
2020-07-24 07:40 - 2020-02-27 00:23 - 000004154 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A2DCE1B5-0E94-45BE-950C-59FDF463A8FA}
2020-07-24 07:39 - 2020-01-04 14:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-23 23:11 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-23 23:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-23 21:16 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Registration
2020-07-23 21:15 - 2017-12-13 11:48 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-07-23 21:07 - 2020-01-04 14:28 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2020-07-23 21:07 - 2020-01-04 14:28 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2020-07-23 21:07 - 2017-12-13 11:48 - 001019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2020-07-23 21:07 - 2017-12-13 11:48 - 000421205 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2020-07-23 21:07 - 2017-12-13 11:48 - 000026404 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
2020-07-23 21:04 - 2017-12-13 11:48 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2020-07-23 20:45 - 2017-12-13 11:01 - 000000000 ____D C:\Program Files\Dell
2020-07-23 12:29 - 2018-06-15 12:21 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2020-07-23 11:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-07-23 11:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-07-23 11:43 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-07-23 11:37 - 2020-01-03 17:19 - 000000000 ____D C:\ProgramData\Packages
2020-07-23 11:37 - 2020-01-03 17:02 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2020-07-23 11:37 - 2017-12-13 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-23 11:35 - 2017-12-13 11:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-07-23 11:29 - 2017-12-13 10:52 - 000000000 ____D C:\Program Files\Intel
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-23 10:59 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-07-23 10:47 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-07-23 10:11 - 2020-02-10 09:06 - 000000000 ____D C:\WINDOWS\Panther
2020-07-23 10:11 - 2018-08-24 23:45 - 000021050 _____ C:\WINDOWS\system32\results.xml
2020-07-23 08:43 - 2018-02-15 11:15 - 000000000 ____D C:\ProgramData\PCDr
2020-07-22 20:24 - 2020-01-04 14:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-07-22 08:06 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-19 08:37 - 2018-01-11 12:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2020-07-15 08:37 - 2018-01-11 11:46 - 000000000 ____D C:\Program Files\DellTPad
2020-07-15 08:37 - 2017-12-13 12:39 - 000000000 ____D C:\Intel
2020-07-14 08:45 - 2020-01-04 14:36 - 000004574 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-14 08:45 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-10 07:32 - 2017-12-14 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-09 08:49 - 2017-12-14 15:58 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-30 09:30 - 2020-04-17 15:25 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-30 09:30 - 2020-04-17 15:25 - 000002025 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-30 09:29 - 2020-05-29 08:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-30 09:29 - 2020-04-17 15:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-27 07:32 - 2020-05-13 08:58 - 000025830 _____ C:\Users\Admin\Desktop\Lee's Burn Pile Additions.odt

==================== Files in the root of some directories ========

2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\01844566e1ea464899fc8b43f8ee4704
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\01844566e1ea464899fc8b43f8ee4704thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\074777ff3bfa42b79a23e155401db39d
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\074777ff3bfa42b79a23e155401db39dthumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\0bc18da66360477bac807282815361a1
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\0bc18da66360477bac807282815361a1thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\0d3d5332f5c54e63a5d56b3599203008
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\0d3d5332f5c54e63a5d56b3599203008thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\119e2cce4a1a4582807eea67dfa93947
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\119e2cce4a1a4582807eea67dfa93947thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\1ac7808d7ed743e899fc1e39e32236e0
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\1ac7808d7ed743e899fc1e39e32236e0thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\213c00b7888449348a369a29a4295d96
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\213c00b7888449348a369a29a4295d96thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\2750a20cbdf14828ab541058f8fd9ef1
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\2750a20cbdf14828ab541058f8fd9ef1thumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\2e385a6151144c6dbf3ce9b47037a1eb
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\2e385a6151144c6dbf3ce9b47037a1ebthumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\33362a26ed34442ab453406769b97c53
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\33362a26ed34442ab453406769b97c53thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\4581c067b7364532bf2994abc3eee60d
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\4581c067b7364532bf2994abc3eee60dthumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\47e693a2746040ed809b551dab5bc682
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\47e693a2746040ed809b551dab5bc682thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\56a507ae62f646e8a25d5e35280cfe3d
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\56a507ae62f646e8a25d5e35280cfe3dthumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\6620323f92874d12ac54cbb162446994
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\6620323f92874d12ac54cbb162446994thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\6648cd8d037649b3a510b38b73db45b3
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\6648cd8d037649b3a510b38b73db45b3thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\6b816424adc1453d9a93e857aa138c30
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\6b816424adc1453d9a93e857aa138c30thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\6c1580ff1541428fa0e3fadb4667e8f0
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\6c1580ff1541428fa0e3fadb4667e8f0thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\75966f9feaf244b0b64dfdf2d841ce3b
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\75966f9feaf244b0b64dfdf2d841ce3bthumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\93839fd327c2400c94a0ecdd8d8f50df
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\93839fd327c2400c94a0ecdd8d8f50dfthumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\a44e73ac60ec4ecbab6bcea932d0d4bd
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\a44e73ac60ec4ecbab6bcea932d0d4bdthumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\a610a0e59b3b446695ed24fcd46f4507
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\a610a0e59b3b446695ed24fcd46f4507thumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000116576 _____ () C:\Users\Admin\AppData\Roaming\b519ab3d6e5140f084bc41189ced4151
2019-12-13 18:07 - 2019-12-13 18:07 - 000034820 _____ () C:\Users\Admin\AppData\Roaming\b519ab3d6e5140f084bc41189ced4151thumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\bd538d651347495e9caeb2ec855b161a
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\bd538d651347495e9caeb2ec855b161athumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\bd711578efca493a81dfa53e56c60b93
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\bd711578efca493a81dfa53e56c60b93thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\c613cecd07614db195a806c1ec95248c
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\c613cecd07614db195a806c1ec95248cthumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\d8710bbd968d490fb3f83c1496f4462d
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\d8710bbd968d490fb3f83c1496f4462dthumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\dbf8d4432b4c447baab452385901c41c
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\dbf8d4432b4c447baab452385901c41cthumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\dbfa349b957e49dba5f1a714198eee51
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\dbfa349b957e49dba5f1a714198eee51thumb
2019-12-13 18:05 - 2019-12-13 18:05 - 000095085 _____ () C:\Users\Admin\AppData\Roaming\DefaultAlbumArt.png
2019-12-13 18:05 - 2019-12-13 18:05 - 000165847 _____ () C:\Users\Admin\AppData\Roaming\DefaultArtistArt.png
2019-12-13 18:05 - 2019-12-13 18:05 - 000164313 _____ () C:\Users\Admin\AppData\Roaming\DefaultPlaylistArt.png
2019-12-13 18:05 - 2019-12-13 18:05 - 000095085 _____ () C:\Users\Admin\AppData\Roaming\DefaultTrackArt.png
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\e97ef139c3a64d759cca53c03b388e9b
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\e97ef139c3a64d759cca53c03b388e9bthumb
2019-12-13 18:07 - 2019-12-13 18:07 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\ec1e5b4fa60243828140332d1fbcc8c4
2019-12-13 18:07 - 2019-12-13 18:07 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\ec1e5b4fa60243828140332d1fbcc8c4thumb
2019-12-13 18:08 - 2019-12-13 18:08 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\ef41d1e1b9024ed3829742f89223b1c9
2019-12-13 18:08 - 2019-12-13 18:08 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\ef41d1e1b9024ed3829742f89223b1c9thumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\f22d90610a4a4ce292693c323b143ef4
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\f22d90610a4a4ce292693c323b143ef4thumb
2019-12-13 18:06 - 2019-12-13 18:06 - 000058288 _____ () C:\Users\Admin\AppData\Roaming\f952db7863d24f1c8f620f2a44146ce3
2019-12-13 18:06 - 2019-12-13 18:06 - 000017410 _____ () C:\Users\Admin\AppData\Roaming\f952db7863d24f1c8f620f2a44146ce3thumb
2020-02-16 10:43 - 2020-02-16 10:43 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

I will now click the box that says "Addition.txt is saved in the same directory FRST is located.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2020
Ran by Admin (24-07-2020 08:48:19)
Running from C:\Users\Admin\Downloads
Windows 10 Pro Version 1909 18363.535 (X64) (2020-01-04 21:36:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2813573738-3828652003-1143853048-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2813573738-3828652003-1143853048-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2813573738-3828652003-1143853048-503 - Limited - Disabled)
Guest (S-1-5-21-2813573738-3828652003-1143853048-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2813573738-3828652003-1143853048-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2813573738-3828652003-1143853048-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.403 - Adobe)
CmgMasterPrerequisites (HKLM\...\{EE34FA4E-715A-46FA-9CAF-06E26AE4217D}) (Version: 1.12.0.21 - Dell, Inc.) Hidden
Dell Command | Update (HKLM-x32\...\{0C8D5FDB-111E-4F8C-B469-5F330066410E}) (Version: 3.1.2 - Dell, Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{74117219-F4F7-4CB7-98A2-AAF9D6D9928C}) (Version: 3.4.8.14 - Broadcom Corporation)
Dell Data Protection | Security Tools (HKLM-x32\...\InstallShield_{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.12.0.21 - Dell, Inc.) Hidden
Dell Data Security (HKLM-x32\...\{4BD6339D-77DF-4AD3-94C2-9E9305DD9A60}) (Version: 10.5.0.1 - Dell, Inc.) Hidden
Dell Data Security (HKLM-x32\...\InstallShield_{4BD6339D-77DF-4AD3-94C2-9E9305DD9A60}) (Version: 10.5.0.1 - Dell, Inc.) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)
Dell Encryption Management Agent - x64 (HKLM\...\{2749F664-7BB7-426C-80E7-5AA2F288B80B}) (Version: 10.5.0.1 - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
HP Dropbox Plugin (HKLM-x32\...\{96A402D4-6126-4899-AEA8-AA764304A7B1}) (Version: 49.1.321.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{39BEAF4B-67DB-4820-9864-BCCD4E6C5987}) (Version: 49.1.321.0 - HP)
HP FTP Plugin (HKLM-x32\...\{F6E456FC-18B7-4F41-AF13-9EECFF500A46}) (Version: 49.1.321.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{9EDF968A-5D0C-4AF3-9669-1369E2921AA1}) (Version: 49.1.321.0 - HP)
HP OfficeJet Pro 9010 series Basic Device Software (HKLM\...\{8B9002AC-982D-4474-8D98-C5339BD62A9D}) (Version: 49.3.4475.19206 - HP Inc.)
HP SFTP Plugin (HKLM-x32\...\{1A3B3517-5C77-4382-9915-B8F0C2AB691F}) (Version: 49.1.321.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{DB2306C6-0DEA-4468-AE0F-9CDEA7BE842E}) (Version: 49.1.321.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S OCR (HKLM-x32\...\{E793D9AC-4A93-402F-84AD-9C5C752CCBE8}) (Version: 15.4.1132.0 - HP Inc.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Driver && Support Assistant (HKLM-x32\...\{06626F51-076E-4195-B040-1EAB58735E21}) (Version: 20.5.20.3 - Intel) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{d23ef847-2a5d-49ad-a6b5-7ffc8f255179}) (Version: 4.1.4.36 - )
Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM\...\{00000060-0200-4FD1-8F3D-148929CC1385}) (Version: 20.60.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6448.1 - Waves Audio Ltd.) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 78.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 78.0.2 (x64 en-US)) (Version: 78.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
NVIDIA 3D Vision Driver 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 389.08 - NVIDIA Corporation)
NVIDIA Graphics Driver 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 389.08 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA nView 148.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.92 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Update 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA WMI 2.31.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.31.0 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{1BCDE46C-168C-463A-81F4-B763F2D20537}) (Version: 3.0.08.52 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{1BCDE46C-168C-463A-81F4-B763F2D20537}) (Version: 3.0.08.52 - O2Micro International LTD.)
Product Improvement Study for HP OfficeJet Pro 9010 series (HKLM\...\{15377C69-A10D-4B52-9F72-8568BE5833CC}) (Version: 49.3.4475.19206 - HP Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0067 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (06/03/2015 14.5.0.1081) (HKLM\...\A5BD18E9983350F1E16C228926E48CB2B2C6638A) (Version: 06/03/2015 14.5.0.1081 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter  (06/03/2015 14.5.0.1081) (HKLM\...\3C192C63C6A4D5A8DAAED5FFAD6B8D2ABC65695F) (Version: 06/03/2015 14.5.0.1081 - Intel Corporation)
WPS Office (11.2.0.9431) (HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\...\Kingsoft Office) (Version: 11.2.0.9431 - Kingsoft Corp.)

Packages:
=========
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.52.0_x64__htrsf667h5kn2 [2020-07-23] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.6.6.0_x64__htrsf667h5kn2 [2020-07-23] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-03] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-06] (Adobe Systems Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> E:\wpsDOWNLOAD\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2018-05-07] (NVIDIA Corporation -> )
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2813573738-3828652003-1143853048-1000: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => E:\wpsDOWNLOAD\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2813573738-3828652003-1143853048-1000: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => E:\wpsDOWNLOAD\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-04-09 20:11 - 2020-04-09 20:11 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2008-07-03 16:38 - 2008-07-03 16:38 - 000002048 _____ () [File not signed] C:\Program Files\Microsoft Games\Solitaire\slc.dll
2019-02-21 22:00 - 2019-02-21 22:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-31 14:00 - 2020-05-31 14:00 - 000290304 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSAPI.DLL
2020-05-31 14:00 - 2020-05-31 14:00 - 007014912 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSRES.DLL
2020-05-31 14:00 - 2020-05-31 14:00 - 000413696 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSTIFF.dll
2020-05-31 14:00 - 2020-05-31 14:00 - 000150528 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSUI.DLL
2020-05-31 14:00 - 2020-05-31 14:00 - 000142848 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSWZRD.dll
2020-05-31 13:12 - 2018-02-27 15:08 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-05-31 13:12 - 2018-02-27 15:08 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2020-07-24 08:09 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\IdrsOCR_15.4.1132.0\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\
HKU\S-1-5-21-2813573738-3828652003-1143853048-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Saved Games\Dell Red Wallpaper.jpeg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ApHidMonitorService => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Credential Vault Host Control Service => 2
MSCONFIG\Services: Credential Vault Host Storage => 2
MSCONFIG\Services: DDVCollectorSvcApi => 2
MSCONFIG\Services: DDVDataCollector => 2
MSCONFIG\Services: DDVRulesProcessor => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DFEPService => 2
MSCONFIG\Services: dpoTelemetrySvc => 2
MSCONFIG\Services: DSAService => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: ibtsiva => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: Intel(R) SUR QC SAM => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVWMI => 2
MSCONFIG\Services: O2FLASH => 2
MSCONFIG\Services: poaService => 2
MSCONFIG\Services: PoaSMSrv => 2
MSCONFIG\Services: poaTaServ => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SDIOAssist => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: wpscloudsvr => 3
MSCONFIG\Services: ZeroConfigService => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EA2ECF90-830F-4AB2-9461-B467F48AE21D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1CF07EF-2A2C-45CF-B190-A714BB3F99DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34B93616-8FF6-4A83-84FB-C7C24EEC05C6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{4E376A9F-8900-4F37-9C27-F375EEBA99C5}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\FaxApplications.exe (HP Inc -> HP Inc.)
FirewallRules: [{AB71C0B3-E828-44A0-A02D-8E95446B21AB}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\DigitalWizards.exe (HP Inc -> HP Inc.)
FirewallRules: [{7D599634-FCDE-4AAE-9C3C-D696F1644CD6}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\SendAFax.exe (HP Inc -> HP Inc.)
FirewallRules: [{1FC1A4C4-ABBC-4E6A-A8C7-64C7F6843696}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.)
FirewallRules: [{868CCFAA-189E-46C2-830D-947127CE72D3}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{4A438577-86E0-4FD1-B19D-4802B68A8FEF}] => (Allow) LPort=5357
FirewallRules: [{6B275438-CD37-456C-B7F9-410761F8E9F1}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{C652D740-6ADD-4F95-BDF3-01118284CDF3}] => (Allow) LPort=35699
FirewallRules: [{5B491436-08BE-41E5-893F-F1DCAB8CE914}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B36D464A-BD35-436C-8DC7-E80EEBDA8F7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07AB3249-03FC-4DE6-AA85-46D82B4BA892}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A724A8DE-885B-43FF-87E8-F9D0780AB0DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

07-07-2020 08:42:39 Intel® Driver & Support Assistant
09-07-2020 08:49:45 Intel® Driver & Support Assistant
11-07-2020 07:45:06 Intel® Driver & Support Assistant
12-07-2020 19:00:02 Windows Backup
14-07-2020 09:00:22 Intel® Driver & Support Assistant
16-07-2020 07:50:57 Intel® Driver & Support Assistant
18-07-2020 10:08:00 Intel® Driver & Support Assistant
19-07-2020 11:42:53 Intel® Driver & Support Assistant
20-07-2020 21:14:49 Intel® Driver & Support Assistant
22-07-2020 04:00:49 Intel® Driver & Support Assistant
23-07-2020 07:57:23 Intel® Driver & Support Assistant
23-07-2020 11:39:44 Dell Client Management Service
23-07-2020 11:50:21 AdwCleaner_BeforeCleaning_23/07/2020_11:50:19
23-07-2020 12:22:44 AdwCleaner_BeforeCleaning_23/07/2020_12:22:41
23-07-2020 20:42:45 AdwCleaner_BeforeCleaning_23/07/2020_20:42:42
23-07-2020 20:45:47 AdwCleaner_BeforeCleaning_23/07/2020_20:45:44
23-07-2020 21:09:29 AdwCleaner_BeforeCleaning_23/07/2020_21:09:26
23-07-2020 21:13:27 AdwCleaner_BeforeCleaning_23/07/2020_21:13:24
24-07-2020 07:41:42 AdwCleaner_BeforeCleaning_24/07/2020_07:41:40
24-07-2020 07:43:38 AdwCleaner_BeforeCleaning_24/07/2020_07:43:34
24-07-2020 07:45:20 AdwCleaner_BeforeCleaning_24/07/2020_07:45:17
24-07-2020 07:46:57 AdwCleaner_BeforeCleaning_24/07/2020_07:46:54
24-07-2020 08:09:38 AdwCleaner_BeforeCleaning_24/07/2020_08:09:36

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/24/2020 08:25:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6156,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/24/2020 08:20:40 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Intel Driver && Support Assistant -- Error 1714. The older version of Intel Driver && Support Assistant cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (07/24/2020 08:12:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.16.1063, time stamp: 0x58eb8338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04f110a5
Faulting process id: 0x12a4
Faulting application start time: 0x01d661ccd8b69a54
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: f6d2d43d-1625-4b5f-b0df-e65cc375b192
Faulting package full name:
Faulting package-relative application ID:

Error: (07/24/2020 08:12:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/24/2020 08:10:27 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/24/2020 08:01:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5856,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/24/2020 07:58:01 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Intel Driver && Support Assistant -- Error 1714. The older version of Intel Driver && Support Assistant cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (07/24/2020 07:49:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.16.1063, time stamp: 0x58eb8338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04f910a5
Faulting process id: 0x2b30
Faulting application start time: 0x01d661c9af4ad863
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: 1f9dca28-372f-4094-a93a-0f41d81754f1
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (07/24/2020 08:12:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/24/2020 08:12:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Client Management Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (07/24/2020 08:10:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The MozillaMaintenance service terminated with the following error:
Incorrect function.

Error: (07/24/2020 08:09:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (07/24/2020 08:09:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Collector service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/24/2020 08:09:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Driver & Support Assistant service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/24/2020 08:09:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Driver & Support Assistant Updater service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/24/2020 08:09:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.


Windows Defender:
===================================
Date: 2020-01-29 08:55:07.992
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9023733D-87A8-48DC-9A58-AA4AE5DE30FC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-22 20:23:45.127
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x8007045b
Error description: A system shutdown is in progress.

Date: 2020-07-22 20:09:05.926
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2020-07-22 20:09:05.926
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2020-07-22 20:09:05.926
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2020-07-22 20:09:05.918
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80090305
Error description: The requested security package does not exist

CodeIntegrity:
===================================

Date: 2020-06-23 06:24:55.820
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.811
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.723
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.715
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.704
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.695
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.225
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-06-23 06:24:55.204
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Dell Inc. A26 06/13/2019
Motherboard: Dell Inc. 0CF0TC
Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 32673.08 MB
Available physical RAM: 26070.95 MB
Total Virtual: 65441.08 MB
Available Virtual: 58724.19 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:446.53 GB) (Free:228.72 GB) NTFS

\\?\Volume{f4c2233a-e02c-11e7-b64e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{01c48ef8-0000-0000-0000-60a86f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 01C48EF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)

==================== End of Addition.txt =======================

I was instructed to do this by the CCleaner Help Request Forum, who provided me the links.  I have Malwarebytes Premium, use Firefox and Win.10 Pro.  Thank You for your help.

Link to post
Share on other sites

  • Root Admin

Hello @Bethyboo

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed click on the View Report button, then the Export button and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know in your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Attach or Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a checkmark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Link to post
Share on other sites

Hi. 

I opened my AdwCleaner by right-clicking and choosing to run it as the Administrator.  Nothing came up to accept any terms of use...it ran exactly like usual.  I have downloaded and re-downloaded it (I already had it on my desktop), but it is the same.  There is something in it that I go through the motions of quarantining it, but it doesn't do it. 

I downloaded the Farbar, and I got a notification that it "failed to update (1)" which I will click on the ok so I can keep going.

Here's what you asked for, this time in attachments.

Thank You.

FRST.txt Addition.txt

Link to post
Share on other sites

  • Root Admin

Hi @Bethyboo

The logs do not show any real signs of an infection but there are multiple errors logged in the Event Logs section that you should try to address and fix.

 

Application errors:
==================
Error: (07/24/2020 01:47:02 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Intel Driver && Support Assistant -- Error 1714. The older version of Intel Driver && Support Assistant cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (07/24/2020 01:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.16.1063, time stamp: 0x58eb8338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x054610a5
Faulting process id: 0x2b18
Faulting application start time: 0x01d661fa70fd4323
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: a2de4ee6-52e1-4dd0-b399-258734e00780
Faulting package full name:
Faulting package-relative application ID:

Error: (07/24/2020 01:38:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/24/2020 01:36:50 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/24/2020 01:24:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2332,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/24/2020 11:40:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9964,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/24/2020 10:52:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/24/2020 10:42:59 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-2813573738-3828652003-1143853048-1000}/">.


System errors:
=============
Error: (07/24/2020 01:38:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/24/2020 01:38:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Client Management Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (07/24/2020 01:36:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The MozillaMaintenance service terminated with the following error:
Incorrect function.

Error: (07/24/2020 01:36:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (07/24/2020 01:36:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Dell Data Vault Service API service depends on the Dell Data Vault Collector service which failed to start because of the following error:
The process terminated unexpectedly.

Error: (07/24/2020 01:36:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Data Vault Collector service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/24/2020 01:36:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Driver & Support Assistant service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/24/2020 01:36:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Driver & Support Assistant Updater service terminated unexpectedly.  It has done this 1 time(s).


Windows Defender:
===================================
Date: 2020-01-29 08:55:07.992
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9023733D-87A8-48DC-9A58-AA4AE5DE30FC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-22 20:23:45.127
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x8007045b
Error description: A system shutdown is in progress.

Date: 2020-07-22 20:09:05.926
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.1543.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2020-07-22 20:09:05.926

 

If you like I can write up a generic clean up script and assist you in trying to correct these issues if you'd like, just let me know.

Thank you

 

 

Link to post
Share on other sites

I think the problem is with my AdwCleaner.  I've downloaded it a few time, now, and it stays the same.  First I thought it was the CCleaner, which is why I went to them first, because when I open it up, I can scan once, then it freezes, and the rest of my computer runs like sludge.  They said no, it's not that, and to contact you folks.

Link to post
Share on other sites

  • Root Admin

No problem. I will assist you.

NOTE: This is a generic clean up script. It is not designed to specifically address the above issue but it may correct some of them.

 

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

FRST won't download an updated version for me.  It has yesterday's date on it.

I ran it anyway (the same way I did before) and when it finished I clicked the Fix button, and nothing happened because it said there was nothing loaded in it to fix.  I tried downloading the 32-bit, but it said it wasn't compatible with my laptop...thought I'd try to see if it might download today's instead of yesterday's.

What am I doing wrong?  Something definitely has a hold of my laptop.  When I re-boot, there is a faint ghost of something that appears for a nanosecond (all I see is an empty shell) and disappears.  It is not the new AdwCleaner, because that is a black square that appears and then disappears, it is something else.

Is there something else I can do?

Link to post
Share on other sites

  • Root Admin

Great, that's a good start.

From the log:  Windows Resource Protection found corrupt files and successfully repaired them.

Let me have you run the following now.

 

 

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire on the current-security-update status of some applications.

  • Download SecurityCheck by glax24 from here  https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • and save the tool on the desktop.
  • If Windows's  SmartScreen block that with a message-window, then
  • Click on the MORE INFO spot and over-ride that and allow it to proceed.
  • This tool is safe.   Smartscreen is overly sensitive.
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"   and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

Link to post
Share on other sites

  • Root Admin

Please review and update as needed


------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.535.18362.0 Warning! Download Update

--------------------------- [ OtherUtilities ] ----------------------------
LibreOffice 6.4.4.2 v.6.4.4.2 Warning! Download Update
-------------------------------- [ Arch ] ---------------------------------
7-Zip 18.05 (x64) v.18.05 Warning! Download Update
Uninstall old version and install new one.
7-Zip 19.00 (x64 edition) v.19.00.00.0
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.32.0.0.89 Warning! Download Update

 

Then reboot the computer 2 times and then run FRST again and SCAN and post back the 2 new logs.

Cheers

 

Link to post
Share on other sites

Hi.

I don't use Internet Explorer at all.  I have on my computer, but have never used it.  I use Firefox.

I don't know what Arch is, so I guess I don't use it.

I do use Libre Office 6.4, and don't know what Adobe Air is, but I use the Acrobat Reader--which is Adobe, correct?

The bug is in my CCleaner.  I uninstalled it, but there are 2 files left that will not delete or uninstall.  Nothing pops up about them when I attempt to delete them, but they don't delete.

If I open my CCleaner, I am able to scan once, and then it freezes and my laptop runs like sludge, and the only way to end it is to use my AdwCleaner which re-boots and I can start over--except the ghost square appears and disappears a minute or two after re-booting, so I open my Malwarebytes and close my laptop before it opens.  Then I can come back to the laptop and start over.  I don't know if any of this makes sense or not, but it is what is going on.

I'll update the Adobe and Libre--and the others if you tell me I need to.

Thank You for your help!

Link to post
Share on other sites

Hi.

I found 11 CCleaner files, all .exe which aren't accepted file types by this site.  Also, they are far more megabytes than the max total size allowed.  I don't know how to get them to you, but none of them will either delete or uninstall.  Also, the shortcut CCleaner file that is right next to the Ccleaner file I was able to open and save as text to be able to attach (they won't attach as is, and I don't know why) won't attach either.

The CCleaner files are all different ccsetup files, and all .exe

I hope you are still there?

FRST.txt2.txt Addition.txt2.txt Fixlog.txt ccleaner.txt

Link to post
Share on other sites

  • Root Admin

I don't want the actual files. Just the names and locations of the files you're trying to removed.

Please save the attached fixlist.txt file and save to the same location as the FRST program then run FRST and click on FIX and post back the new fixlog.txt file

fixlist.txt

This will search for all files with that name so that I can help you remove them.

 

Link to post
Share on other sites

The reason it is taking me so long, is because the file is so deep.  C:\Users\Admin\Desktop\ADMIN-PC\Backup Set 2020-03-08 222201\Backup Files 2020-03-29 211518\Backup files 2.zip\C\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\AppIconCache\125 

I go to find it and my head is spinning.  Btw, I don't use Cortana or One or Edge, and I've been trying to get rid of Edge since I had to go from Win.7pro (where I was perfectly happy--particularly since I don't own a cellphone/smartphone) to Win.10.  There is so much trackware/bloatware/sneakware, I cannot stand it.  I just state that because Cortana is a part of where this garbage is being held.

I am so exhausted...really, I know nothing about computers...I'm just groping here.  I'm so sorry I'm not a better help to the both of us!

Link to post
Share on other sites

Oh, I forgot to mention that 8 of the files I wasn't able to delete, I deleted!  I had to go deep (like that link above), just following my nose and then back-tracking when I hit a dead end, but I found those buggers, and when I found them in their place, for some reason I was able to delete them!  Who knew?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.