Trying to get rid of a very Chrome - Mybrowser redirect

[AndyCY]

 

Hello Malwarebyters,

Malware byte Trial version 4.3.0.98 will not identify or solve the problem.

My default and only Browser is Google Chrome.

When I type something in the search box i see something like adptracker and then aplilanddays and then something like this: https://mybrowser-search.com/search?q=michael%20simkin&ac=1468047342

Any remedy?

Thanks

[kevinf80]

Hello AndyCY and welcome to Malwarebytes, Continue with the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Clsoe out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following:   Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror   Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans"   Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin....

[AndyCY]

Hi Kevin, thanks for your super prompt response. 

Here are the logs. Hope I have done things correct. Problem remains.

looking for your news.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/15/21
Scan Time: 6:09 PM
Log File: fc912d32-574b-11eb-87a2-00ffd4c7cf0c.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.35787
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dell-PC\Dell

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 277219
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 15 min, 7 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build:    01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-15-2021
# Duration: 00:01:01
# OS:       Windows 7 Home Premium
# Cleaned:  33
# Awaiting reboot:2
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       Amazon Assistant for Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.DellPhotoStage   Folder   C:\DELL\PHOTOSTAGE
Deleted       Preinstalled.DellPhotoStage   Folder   C:\Program Files (x86)\DELL\PHOTOSTAGE
Deleted       Preinstalled.DellPhotoStage   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4335E82-17B3-460F-9E70-39D9BC269DB3}
Deleted       Preinstalled.DellQuickset   Folder   C:\Program Files\DELL\QUICKSET
Deleted       Preinstalled.DellQuickset   Folder   C:\ProgramData\DELL\QUICKSET
Deleted       Preinstalled.DellQuickset   Registry   HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\QuickSet
Deleted       Preinstalled.DellQuickset   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted       Preinstalled.DellStageRemote   Folder   C:\Program Files (x86)\DELL\STAGE REMOTE
Deleted       Preinstalled.DellStageRemote   Folder   C:\Users\Dell\AppData\Local\DELL\STAGE REMOTE
Deleted       Preinstalled.DellStageRemote   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}
Deleted       Preinstalled.DellSupportAssistAgent   File   C:\Users\Public\Desktop\SupportAssist.lnk
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFCB0E94-F308-41AC-8C31-E50C9F0B2E2C}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFCB0E94-F308-41AC-8C31-E50C9F0B2E2C}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted       Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted       Preinstalled.DellSupportCenter   Folder   C:\Program Files\DELL SUPPORT CENTER
Deleted       Preinstalled.DellSupportCenter   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL SUPPORT CENTER
Deleted       Preinstalled.DellSupportCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}
Deleted       Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E9D32CF-777E-4E71-AAD2-3A03959FFC7D}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{444D5215-E409-4AF7-8858-96633A2C509C}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E9D32CF-777E-4E71-AAD2-3A03959FFC7D}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{444D5215-E409-4AF7-8858-96633A2C509C}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncher
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask
Deleted       Preinstalled.LenovoThinkVantageToolbox   Task   C:\Windows\System32\Tasks\PCDEVENTLAUNCHER
Deleted       Preinstalled.LenovoThinkVantageToolbox   Task   C:\Windows\System32\Tasks\PCDOCTORBACKGROUNDMONITORTASK
Deleted       Preinstalled.LenovoThinkVantageToolbox   Task   C:\Windows\Tasks\PCDOCTORBACKGROUNDMONITORTASK.JOB
Deleted       Preinstalled.MyDell   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center
Needs Reboot  Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT
Needs Reboot  Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Dell (15-01-2021 19:39:18)
Running from C:\Users\Dell\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2017-05-24 19:05:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3848644748-4105553010-2298354658-500 - Administrator - Disabled)
Dell (S-1-5-21-3848644748-4105553010-2298354658-1001 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-3848644748-4105553010-2298354658-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3848644748-4105553010-2298354658-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3848644748-4105553010-2298354658-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Password 4.6.2.626 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.5 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Avira (HKLM-x32\...\{4BC30143-FC17-4BA0-96C3-11F21F026099}) (Version: 1.2.100.18354 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{FA4F79B8-FA3E-4BDC-82B1-F0AA064E24C0}) (Version: 1.0.49.1987 - Avira Operations Gmbh & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{591FD32E-4D97-44D6-84E5-84751E7A9859}) (Version: 2.0.4.31895 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (HKLM-x32\...\{77C4850C-3592-4A2F-B652-ACB77A1EF77C}) (Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Crypto Plugin (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Crypto Plugin) (Version: 1.1.8 - Privatbank)
CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.3522 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.57 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.57 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.19 - Creative Technology Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.3.363 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.379.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
High-Definition Video Playback (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.3.10000.0.0 - Nero AG) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
inSSIDer Office (HKLM-x32\...\{F7F37748-A121-4B38-8192-6453E1FF5ADD}) (Version: 4.4.0.6 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 5.2.6.2 (HKLM-x32\...\{443795BA-BBA0-46CF-A07F-DB5B461785F7}) (Version: 5.2.6.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.30 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Popcorn-Time (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Popcorn-Time) (Version: 0.4.4 - Popcorn Time)
PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.10.11100.8.106 - Nero AG)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24115}) (Version: 22.0.12670 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM\...\{90150000-001F-0408-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM-x32\...\{90150000-001F-0408-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Πακέτο συμβατότητας για το 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0408-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Πρόσθετο αποθήκευσης ως PDF ή XPS της Microsoft για προγράμματα του Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0408-0000-0000000FF1CE}) (Version: 12.0.4518.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll () [File not signed]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2011-04-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Dell\Desktop\Andy - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Dell\Desktop\Kleanthis (Maria) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Dell\Desktop\Natalia (Nat) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2011-10-23 01:14 - 2010-12-20 16:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2009-05-21 19:21 - 2009-05-21 19:21 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-05-19 08:16 - 2011-05-19 08:16 - 000054784 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\vdpsrca.dll
2011-10-23 01:14 - 2010-12-20 16:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-04-23 16:21 - 2012-04-23 16:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 05:00 - 2012-03-15 05:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2017-04-21 12:26 - 2017-04-21 12:26 - 000126976 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\WINDOWS\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-13 07:04 - 2020-01-13 07:04 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Dell\IMG_3942.MOV:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Dell\Documents\8015 installation instruction's vedio .avi:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Dell\Documents\8015 installation instruction's vedio .avi:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=cy&l=en&s=gen
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=cy&l=en&s=gen
SearchScopes: HKLM -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001 -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = 
SearchScopes: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001 -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = 
BHO: No Name -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-23] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: No Name -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-23] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-11-20 16:01 - 2021-01-15 19:30 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 Dell-PC.mshome.net # 2025 1 1 27 11 56 50 333

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\;C:\Program Files (x86)\Roxio\OEM\AudioCore\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.140.209.239 - 213.140.213.232
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Agile1pAgent => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
MSCONFIG\startupreg: Avira Safe Shopping => "C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe"
MSCONFIG\startupreg: CTFMON => C:\Windows\System32\ctfmon.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: WinZip FAH => C:\Program Files\WinZip\FAHConsole.exe
MSCONFIG\startupreg: WinZip PreLoader => C:\Program Files\WinZip\WzPreloader.exe
MSCONFIG\startupreg: WinZip UN => C:\Program Files\WinZip\WZUpdateNotifier.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{051C0788-CA48-4A94-BACB-7AF283F5E9C0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{34FD4BAC-D077-44A6-A98B-B76B75146E36}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A497B582-C6A4-4983-8420-CB2A23A9BCC2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8C10E689-DBE6-4ECA-9F6E-C1418645B9AB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{45C3289F-A2FC-4A2F-AFC1-849E2233DDC2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{DD6C75B1-36BF-4BD6-9D00-C3626024B59F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{589C7F37-6E8A-48EF-9411-65A89D91D7E2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F88DD30F-A59A-4615-9E37-151637334267}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{FE0DB2DC-4791-459E-A54C-86E3CA20ABCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB16B56D-6894-4B22-B9E3-5CA4928DFA3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4CEA560C-9570-42A4-9A65-18298E95F24A}C:\program files\microsoft office\office15\lync.exe] => (Block) C:\program files\microsoft office\office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D942451C-C914-49BA-8F89-010784F8AC4C}C:\program files\microsoft office\office15\lync.exe] => (Block) C:\program files\microsoft office\office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ABFFDE26-491C-44CC-B2DB-436F339EA85B}C:\program files (x86)\1password 4\1password.exe] => (Allow) C:\program files (x86)\1password 4\1password.exe (AgileBits Inc. -> AgileBits)
FirewallRules: [UDP Query User{BC65A468-0CA8-4A70-AB0A-8921866324A7}C:\program files (x86)\1password 4\1password.exe] => (Allow) C:\program files (x86)\1password 4\1password.exe (AgileBits Inc. -> AgileBits)
FirewallRules: [TCP Query User{0B0D3DAD-9C33-4240-B3F8-A5BCC27935F9}C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{9F4FCB2E-9DE1-457F-9415-8ECC43CA54C0}C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [{4DCE8E8D-56EA-4A8E-88F9-0A05873766AD}] => (Block) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [{35E835DA-409B-4D75-B65D-F0D2C35F6FBC}] => (Block) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [TCP Query User{9C212D17-E539-45C2-A889-C67F3B029D83}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{CFEE9295-CAE6-49E2-A7D1-B848F8BE0EEB}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{734275E1-CAFF-4F13-98B4-C6B59EBC2EDB}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{DB2C8C3E-B4D0-4915-8EE1-C169DE16B0DD}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{9810121D-C4E3-444C-99AE-833A7F90657D}C:\users\dell\appdata\local\viber\viber.exe] => (Allow) C:\users\dell\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.à r.l.)
FirewallRules: [UDP Query User{E3B0BF19-87D6-4955-A46F-DD8950068937}C:\users\dell\appdata\local\viber\viber.exe] => (Allow) C:\users\dell\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.à r.l.)
FirewallRules: [{B1975469-63F0-423C-9048-2A1685F11B3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A219160A-61E5-4CFF-B4AE-06B90C0BAFF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/15/2021 07:33:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-01-20T08:19:36Z. Error Code: 0x80041321.

Error: (01/15/2021 07:31:05 PM) (Source: COM+) (EventID: 4691) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4441) (User: )
Description: A MS DTC component has encountered an internal error. The process is being terminated. Error Specifics: DtcSystemShutdown (d:\w7rtm\com\complus\dtc\dtc\msdtc\src\msdtc.cpp@2539): Shutting down with an error

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4112) (User: )
Description: Could not start the MS DTC Transaction Manager.

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4185) (User: )
Description: MS DTC Transaction Manager start failed. LogInit returned error 0x2. This is expected if the corresponding volume has been restored (search for kb article regarding the issue). In all other cases, contact product support.

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4163) (User: )
Description: MS DTC log file not found. After ensuring that all Resource Managers coordinated by MS DTC have no indoubt transactions, please run msdtc -resetlog to create the log file.

Error: (01/15/2021 07:28:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/15/2021 07:28:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe".Error in manifest or policy file "C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe.Config" on line 0.
Invalid Xml syntax.

System errors:
=============
Error: (01/15/2021 07:31:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.

Error: (01/15/2021 07:30:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Client Management Service service hung on starting.

Error: (01/15/2021 07:29:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinZip Compression Smart Monitor Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TunMirror service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira System Speedup service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:27:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll

Error: (01/15/2021 07:27:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll

==================== Memory info =========================== 

BIOS: Dell Inc. A12 09/07/2012
Motherboard: Dell Inc. 0NJT03
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 83%
Total physical RAM: 8086.17 MB
Available physical RAM: 1370.32 MB
Total Virtual: 16170.52 MB
Available Virtual: 8146.04 MB

==================== Drives ================================

Drive 😄 (OS) (Fixed) (Total:911.88 GB) (Free:776.2 GB) NTFS
Drive h: () (Removable) (Total:1.84 GB) (Free:1.5 GB) FAT

\\?\Volume{b4274ec4-4091-11e7-96f8-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:19.53 GB) (Free:10.53 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 3984C600)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

 

 

 

[kevinf80]

You have not posted the primary log from FRST "frst.txt" Logs are saved here :- C:\FRST\Logs

[AndyCY]

THIS ONE?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by Dell (administrator) on DELL-PC (Dell Inc. Dell System XPS L502X) (15-01-2021 22:57:04)
Running from C:\Users\Dell\Downloads
Loaded Profiles: UpdatusUser & Dell
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Dell Inc -> SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\114.3.363\QtWebEngineProcess.exe <3>
(Google LLC -> ) C:\Program Files (x86)\Google\Update\Install\{C33045AC-A9A4-4AB9-9D6C-245FD77A5A21}\googleearth-win-pro-7.3.3.7786-x64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Dell\AppData\Local\Viber\Viber.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-01-14] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Run: [] => [X]
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Run: [Viber] => C:\Users\Dell\AppData\Local\Viber\Viber.exe [46810640 2020-12-18] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\WINDOWS\system32\cmd.exe /D /C start C:\WINDOWS\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-13] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D00AE86-E9F9-43A0-82A4-79EBA59183E2}] -> C:\Program Files (x86)\Avira\Scout\Application\59.0.3071.2851\Installer\chrmstp.exe [2017-07-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\WINDOWS\system32\cmd.exe /D /C start C:\WINDOWS\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B424785-72AF-4131-9201-B4DA9EB8479B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files\WinZip\WzPreloader.exe [117760 2017-11-01] (WinZip Computing, S.L.) [File not signed]
Task: {14DAB368-E4FB-4F12-AC34-A5666EEACD22} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\23 => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] (STMicroelectronics -> )
Task: {165CDB94-3178-4889-934B-5803CB575BAF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => "wscript.exe" //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
Task: {16DBEEFE-25B1-438A-B5A3-EE7A33116969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {19B915B8-E21B-47DD-92CA-FF7C9574C68B} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Dell\Downloads\adwcleaner_8.0.9 (1).exe [8458096 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
Task: {221FBB10-C808-4E41-A3CD-96107DC20DBF} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {24A2A35A-AE6C-49BA-BCED-C769CBAFCC0A} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell\1 => C:\Users\Dell\AppData\Local\Viber\Viber.exe [46810640 2020-12-18] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
Task: {25DBCC21-3330-4B60-BFBB-02A1E5155F92} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell\2 => C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe [204288 2010-11-29] (Intel(R) Software -> Intel® Corporation)
Task: {28066527-2FE9-4E03-AEFF-9C336BD18330} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [696640 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {438766D9-8D7B-4EFD-80ED-73BFECBE9A35} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\22 => C:\Windows\system32\igfxpers.exe [416024 2011-08-05] (Intel Corporation -> Intel Corporation)
Task: {4A40E918-0995-4649-9260-E7922F6EDD58} - System32\Tasks\DropboxUpdateTaskMachineCore1d4c0b0e907d498 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-25] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5EB28158-3A29-4F81-9466-9660446AC249} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {653529C6-FF6A-454C-A632-BBE1FF12B03D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7956CF9C-3370-427C-B6F5-9CA5EB10226A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\24 => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-29] (CyberLink -> cyberlink)
Task: {7F720C07-C8AF-476A-8A69-0378361EEC40} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2
Task: {8A766BFB-0303-4B18-8D55-71EBBAB41F53} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {96E865D0-997C-4142-BC77-C51F7B3FCF61} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\25 => c:\Program Files\Dell\QuickSet\QuickSet.exe
Task: {9706A3B4-589F-46D4-9D49-8FAED64AA6F6} - \Avira Safe Shopping Updater -> No File <==== ATTENTION
Task: {97769EC6-58AB-4CAB-A746-C150B01C086B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\20 => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [75064 2011-07-08] (Nero AG -> )
Task: {BB72BC5B-A5B3-48BD-BE99-9C2DF2A2A3F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {BE1A2711-FD3A-4270-A5AD-333786F9727A} - System32\Tasks\DropboxUpdateTaskMachineUA1d4c0b0e93cc80e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-25] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C0C2ECC3-C2EB-4D00-ABB0-F5B8794D95C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2D94855-5B07-4B37-A40D-2C2A7BCED7B4} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C33AE4D0-DEAA-444B-A74C-2E0DF4D475C7} - System32\Tasks\GoogleUpdateTaskMachineUA1d48ff79fb2da9c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-24] (Google Inc -> Google Inc.)
Task: {C344D148-1F55-4535-954D-72948AA1ABA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-24] (Google Inc -> Google Inc.)
Task: {C581C8D8-4A53-4FBE-8BD9-F583801DA83B} - \Avira\System Speedup\SpeedupSysTray -> No File <==== ATTENTION
Task: {C9FAEB9D-D827-4477-B834-6677E7CDAFAF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336 2009-09-20] (Hewlett-Packard Co.) [File not signed]
Task: {D011C68D-69F5-4B39-8A36-A9D1AD50AF56} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\21 => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4802864 2012-06-25] (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation)
Task: {D0A9E194-78EB-465C-9364-93ACF100A554} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] (Unlimited Realities -> ) -> "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
Task: {DC4DE65E-3DF2-4E63-8706-4F9B51A8DA2C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3
Task: {DCBA6E7C-CD58-466A-A28D-6F9D9F77B6D0} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {DF68396B-B827-4BB7-80B2-E8477600CCB5} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => "rundll32.exe" C:\Windows\system32\nvHotkey.dll,Start
Task: {DFDC9AA4-3A28-4E9B-A0DF-0033ACDD2636} - System32\Tasks\GoogleUpdateTaskMachineCore1d48ff79f7d71f3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-24] (Google Inc -> Google Inc.)
Task: {E2CB21F8-F132-492C-A321-B1686B6364CD} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe
Task: {E49E445C-4960-40CA-95F9-F1C5A25B0E8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-24] (Google Inc -> Google Inc.)
Task: {F8D25D53-6AEE-4A6E-BAF2-6108FA14C049} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d4c0b0e907d498.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d4c0b0e93cc80e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 213.140.209.239 213.140.213.232
Tcpip\..\Interfaces\{1AAE7FDE-BFDD-4EC1-977B-A889CA6E735A}: [DhcpNameServer] 213.140.209.226 213.140.208.226 213.140.210.226
Tcpip\..\Interfaces\{D8F547F9-ED3E-4C36-A2C0-7CD6076162CD}: [DhcpNameServer] 213.140.209.239 213.140.213.232

FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\BcWCNCvj.default [not found] <==== ATTENTION
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-10-23] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-10-23] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-10-23] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-06-28] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-23] (Sun Microsystems, Inc.) [File not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-23] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-22] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-22] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3848644748-4105553010-2298354658-1001: @bankid.ua/cryptoplugin,version=1.1.8 -> C:\Users\Dell\AppData\Local\cryptoplugin\npcryptoplugin.dll [2016-04-18] () [File not signed]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2021-01-15]
CHR Notifications: Default -> hxxps://best.aliexpress.com; hxxps://book.flyuia.com; hxxps://calendar.google.com; hxxps://erasmusu.com; hxxps://fighterjetsworld.com; hxxps://gcx.aliexpress.com; hxxps://he.aliexpress.com; hxxps://mail.google.com; hxxps://mycyprusinsider.os.tc; hxxps://protarassummerfilmfestival.com; hxxps://wikipedeals.com; hxxps://www.alibaba.com; hxxps://www.aliexpress.com; hxxps://www.bangkokpost.com; hxxps://www.dominos.com.cy; hxxps://www.facebook.com; hxxps://www.flyuia.com; hxxps://www.roomster.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-21]
CHR Extension: (Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-08]
CHR Extension: (Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-08]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-08]
CHR Extension: (RSS Subscription Extension) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjffnfcokiodbeiamclanljnaheeoke [2018-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-17]
CHR Extension: (High Contrast) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2020-03-01]
CHR Extension: (Quick Note) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoamaomfacmjfahcafjbflffklcfihk [2018-06-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-17]
CHR Extension: (Urban Anti-Malware - Safe Browsing) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbobpikdmjaaklfkdlgfopochnjadab [2020-12-30]
CHR Extension: (Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-08]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (Crypto-Plugin) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfiabaafjemgcecklpgnebaebonghka [2017-12-13]
CHR Extension: (Mate Translate – translator, dictionary) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2020-12-30]
CHR Extension: (Save to Facebook) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2019-12-10]
CHR Extension: (Explain and Send Screenshots) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2020-12-17]
CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2020-12-29]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2021-01-05]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-01-15]
CHR Extension: (AliRadar Shopping Assistant) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfjibkklgpfcfdlhijfglamdnkjnpdeg [2020-10-08]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-21]
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-08-26]
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-01-14]
CHR Extension: (Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-27]
CHR Extension: (Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-27]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-14]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-01-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-14]
CHR Extension: (Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-27]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-14]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-14]
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-10-12]
CHR Extension: (Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-25]
CHR Extension: (Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-25]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-08-25]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-25]
CHR Extension: (Avira Safe Shopping) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-10-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-25]
CHR Extension: (Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-25]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-08]
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-29]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Extension: (Avira Browser Safety) - C:\Users\Dell\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2019-12-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [893008 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1191152 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [103840 2019-03-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-29] (CyberLink -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-25] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-05-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-14] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 SftService; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [1692480 2011-07-08] (Dell Inc -> SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 SpeedupService; "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe" [X]
S2 TunMirror; "C:\ProgramData\KMSAuto\bin\TunMirror.exe" [X]
S2 WinZip Compression Smart Monitor Service; "C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Acceler; C:\WINDOWS\System32\DRIVERS\Accelern.sys [27760 2010-12-13] (STMicroelectronics -> ST Microelectronics)
R3 AMPPAL; C:\WINDOWS\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 athur; C:\WINDOWS\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [65104 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [206808 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [158840 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [36072 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\System32\DRIVERS\avnetflt.sys [78600 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [35376 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 CtClsFlt; C:\WINDOWS\System32\DRIVERS\CtClsFlt.sys [176000 2011-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 DDDriver; C:\WINDOWS\System32\drivers\DDDriver64Dcsa.sys [41608 2019-02-28] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\System32\drivers\DellProf.sys [41208 2019-02-28] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-14] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [127088 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [50640 2019-03-31] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 nusb3hub; C:\WINDOWS\System32\DRIVERS\nusb3hub.sys [82432 2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\WINDOWS\System32\DRIVERS\nusb3xhc.sys [181760 2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 NvStUSB; C:\WINDOWS\system32\drivers\nvstusb.sys [121960 2010-12-12] (NVIDIA Corporation -> )
R3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2017-10-25] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ptun0901; C:\WINDOWS\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 qicflt; C:\WINDOWS\System32\DRIVERS\qicflt.sys [29288 2010-07-13] (Quanta Computer Inc. -> Quanta Computer)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [21616 2010-08-20] (STMicroelectronics -> ST Microelectronics)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [30720 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-15 22:56 - 2021-01-15 22:56 - 000001477 _____ C:\Users\Dell\Desktop\FRST64 (1) - Shortcut.lnk
2021-01-15 22:55 - 2021-01-15 22:55 - 002281472 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (1).exe
2021-01-15 22:52 - 2021-01-15 22:53 - 001995264 _____ (Farbar) C:\Users\Dell\Downloads\FRST.exe
2021-01-15 22:51 - 2021-01-15 22:51 - 000000000 ____D C:\Users\Dell\AppData\LocalLow\IGDump
2021-01-15 19:39 - 2021-01-15 19:41 - 000047927 _____ C:\Users\Dell\Downloads\Addition.txt
2021-01-15 19:37 - 2021-01-15 22:58 - 000040067 _____ C:\Users\Dell\Downloads\FRST.txt
2021-01-15 19:36 - 2021-01-15 22:57 - 000000000 ____D C:\FRST
2021-01-15 19:35 - 2021-01-15 19:35 - 002281472 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2021-01-15 19:31 - 2021-01-15 19:31 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-15 19:30 - 2021-01-15 19:30 - 000127088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-15 19:30 - 2021-01-15 19:30 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-15 18:40 - 2021-01-15 19:27 - 000003106 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2021-01-15 18:29 - 2021-01-15 18:29 - 008458096 _____ (Malwarebytes) C:\Users\Dell\Downloads\adwcleaner_8.0.9 (1).exe
2021-01-15 18:17 - 2021-01-15 18:17 - 002086424 _____ (Malwarebytes) C:\Users\Dell\Downloads\MBSetup (3).exe
2021-01-15 18:16 - 2021-01-15 18:17 - 008458096 _____ (Malwarebytes) C:\Users\Dell\Downloads\adwcleaner_8.0.9.exe
2021-01-15 17:28 - 2021-01-15 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-01-14 18:53 - 2021-01-14 18:53 - 002086424 _____ (Malwarebytes) C:\Users\Dell\Downloads\MBSetup (2).exe
2021-01-14 18:51 - 2021-01-14 18:51 - 002086424 _____ (Malwarebytes) C:\Users\Dell\Downloads\MBSetup (1).exe
2021-01-14 18:50 - 2021-01-14 18:50 - 002086424 _____ (Malwarebytes) C:\Users\Dell\Downloads\MBSetup.exe
2021-01-14 17:53 - 2021-01-14 17:53 - 000000000 ____D C:\ProgramData\UrbanVPN
2021-01-14 03:13 - 2021-01-14 03:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-01-14 03:13 - 2021-01-14 03:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-01-14 03:13 - 2021-01-14 03:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-01-14 03:13 - 2021-01-14 03:13 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-01-13 17:14 - 2021-01-13 17:14 - 000071911 _____ C:\Users\Dell\Downloads\202101130073002Z7D.pdf
2021-01-05 17:51 - 2021-01-05 17:51 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-30 23:03 - 2020-12-30 23:03 - 031769416 _____ (Urban Security) C:\Users\Dell\Downloads\UrbanVPN2 (1).exe
2020-12-30 22:59 - 2020-12-30 22:59 - 000000000 ____D C:\Users\Dell\UrbanVPN
2020-12-30 22:38 - 2020-12-30 22:38 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Urban Security
2020-12-30 22:35 - 2020-12-30 22:35 - 031769416 _____ (Urban Security) C:\Users\Dell\Downloads\UrbanVPN2.exe
2020-12-29 12:01 - 2020-12-29 12:01 - 000293594 _____ C:\Users\Dell\Downloads\465 594 0000 (23).pdf
2020-12-22 16:56 - 2020-12-22 16:57 - 000000000 ____D C:\Users\Dell\AppData\Local\Viber

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-15 22:57 - 2019-02-09 21:51 - 000000904 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d4c0b0e93cc80e.job
2021-01-15 19:40 - 2009-07-14 06:45 - 000021296 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-15 19:40 - 2009-07-14 06:45 - 000021296 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-15 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\WINDOWS\Registration
2021-01-15 19:30 - 2017-11-20 16:01 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-01-15 19:28 - 2019-02-09 21:51 - 000000900 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d4c0b0e907d498.job
2021-01-15 19:28 - 2017-05-24 21:05 - 000000000 ____D C:\Users\Dell\AppData\Local\SoftThinks
2021-01-15 19:28 - 2011-10-23 02:50 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-15 19:28 - 2011-10-23 01:27 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2021-01-15 19:28 - 2009-07-14 07:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-15 19:27 - 2017-10-05 10:44 - 000003292 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-01-15 19:27 - 2011-10-23 02:32 - 000000000 ____D C:\ProgramData\Dell
2021-01-15 19:23 - 2020-09-03 15:52 - 000000000 ____D C:\Users\Dell\AppData\Local\CrashDumps
2021-01-15 19:23 - 2017-12-05 10:32 - 000000000 ____D C:\AdwCleaner
2021-01-15 18:51 - 2009-07-14 07:13 - 000800654 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-15 18:51 - 2009-07-14 05:20 - 000000000 ____D C:\WINDOWS\inf
2021-01-15 18:40 - 2017-05-24 21:07 - 000000000 ____D C:\Users\Dell\AppData\Local\Dell
2021-01-15 18:40 - 2011-10-23 01:32 - 000000000 ____D C:\Program Files (x86)\Dell
2021-01-15 18:40 - 2011-10-23 01:24 - 000000000 ____D C:\Program Files\Dell
2021-01-15 18:40 - 2011-02-10 16:01 - 000000000 ____D C:\DELL
2021-01-15 17:28 - 2017-05-25 00:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-01-14 19:38 - 2017-05-24 23:46 - 000000000 ____D C:\Users\Dell\AppData\Roaming\AgileBits
2021-01-13 10:54 - 2017-12-08 11:08 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-13 10:54 - 2017-12-08 11:08 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-13 10:52 - 2019-02-09 21:51 - 000003900 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d4c0b0e93cc80e
2021-01-13 10:52 - 2019-02-09 21:51 - 000003648 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d4c0b0e907d498
2021-01-11 17:41 - 2009-07-14 05:20 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-05 17:59 - 2017-05-25 00:50 - 000000000 ___RD C:\Users\Dell\Dropbox
2021-01-04 17:17 - 2020-05-18 09:26 - 000000000 ____D C:\Users\Dell\Documents\ViberDownloads
2020-12-30 22:59 - 2017-05-24 21:05 - 000000000 ____D C:\Users\Dell
2020-12-30 22:25 - 2018-02-08 17:19 - 000000000 ____D C:\Users\Dell\AppData\LocalLow\Mozilla
2020-12-23 17:24 - 2017-08-21 11:32 - 000000000 ____D C:\Users\Dell\AppData\Roaming\ViberPC

==================== Files in the root of some directories ========

2020-02-06 18:26 - 2020-02-06 18:26 - 000004608 _____ () C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2018-01-08 19:45
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Dell (15-01-2021 22:58:21)
Running from C:\Users\Dell\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2017-05-24 19:05:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3848644748-4105553010-2298354658-500 - Administrator - Disabled)
Dell (S-1-5-21-3848644748-4105553010-2298354658-1001 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-3848644748-4105553010-2298354658-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3848644748-4105553010-2298354658-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3848644748-4105553010-2298354658-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Password 4.6.2.626 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.5 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Avira (HKLM-x32\...\{4BC30143-FC17-4BA0-96C3-11F21F026099}) (Version: 1.2.100.18354 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{FA4F79B8-FA3E-4BDC-82B1-F0AA064E24C0}) (Version: 1.0.49.1987 - Avira Operations Gmbh & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{591FD32E-4D97-44D6-84E5-84751E7A9859}) (Version: 2.0.4.31895 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (HKLM-x32\...\{77C4850C-3592-4A2F-B652-ACB77A1EF77C}) (Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Crypto Plugin (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Crypto Plugin) (Version: 1.1.8 - Privatbank)
CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.3522 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.57 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.57 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.19 - Creative Technology Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 114.3.363 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.379.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
High-Definition Video Playback (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.3.10000.0.0 - Nero AG) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
inSSIDer Office (HKLM-x32\...\{F7F37748-A121-4B38-8192-6453E1FF5ADD}) (Version: 4.4.0.6 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 5.2.6.2 (HKLM-x32\...\{443795BA-BBA0-46CF-A07F-DB5B461785F7}) (Version: 5.2.6.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.30 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Popcorn-Time (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\Popcorn-Time) (Version: 0.4.4 - Popcorn Time)
PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.10.11100.8.106 - Nero AG)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version:  - Microsoft)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24115}) (Version: 22.0.12670 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM\...\{90150000-001F-0408-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM-x32\...\{90150000-001F-0408-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Πακέτο συμβατότητας για το 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0408-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Πρόσθετο αποθήκευσης ως PDF ή XPS της Microsoft για προγράμματα του Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0408-0000-0000000FF1CE}) (Version: 12.0.4518.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll () [File not signed]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2011-04-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Dell\Desktop\Andy - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Dell\Desktop\Kleanthis (Maria) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Dell\Desktop\Natalia (Nat) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2011-10-23 01:14 - 2010-12-20 16:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2009-05-21 19:21 - 2009-05-21 19:21 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-02-11 23:30 - 2018-12-30 09:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2011-05-19 08:16 - 2011-05-19 08:16 - 000054784 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\vdpsrca.dll
2011-10-23 01:14 - 2010-12-20 16:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-04-23 16:21 - 2012-04-23 16:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 05:00 - 2012-03-15 05:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2017-04-21 12:26 - 2017-04-21 12:26 - 000126976 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\WINDOWS\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-13 07:04 - 2020-01-13 07:04 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Dell\IMG_3942.MOV:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Dell\Documents\8015 installation instruction's vedio .avi:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Dell\Documents\8015 installation instruction's vedio .avi:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=cy&l=en&s=gen
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=cy&l=en&s=gen
SearchScopes: HKLM -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001 -> DefaultScope {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = 
SearchScopes: HKU\S-1-5-21-3848644748-4105553010-2298354658-1001 -> {B6382810-6500-4DDC-8000-1AA99DF65EBD} URL = 
BHO: No Name -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-23] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: No Name -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-23] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-11-20 16:01 - 2021-01-15 19:30 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 Dell-PC.mshome.net # 2025 1 1 27 11 56 50 333

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\;C:\Program Files (x86)\Roxio\OEM\AudioCore\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3848644748-4105553010-2298354658-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.140.209.239 - 213.140.213.232
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Agile1pAgent => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
MSCONFIG\startupreg: Avira Safe Shopping => "C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe"
MSCONFIG\startupreg: CTFMON => C:\Windows\System32\ctfmon.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: WinZip FAH => C:\Program Files\WinZip\FAHConsole.exe
MSCONFIG\startupreg: WinZip PreLoader => C:\Program Files\WinZip\WzPreloader.exe
MSCONFIG\startupreg: WinZip UN => C:\Program Files\WinZip\WZUpdateNotifier.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{051C0788-CA48-4A94-BACB-7AF283F5E9C0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{34FD4BAC-D077-44A6-A98B-B76B75146E36}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A497B582-C6A4-4983-8420-CB2A23A9BCC2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8C10E689-DBE6-4ECA-9F6E-C1418645B9AB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{45C3289F-A2FC-4A2F-AFC1-849E2233DDC2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{DD6C75B1-36BF-4BD6-9D00-C3626024B59F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{589C7F37-6E8A-48EF-9411-65A89D91D7E2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F88DD30F-A59A-4615-9E37-151637334267}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{FE0DB2DC-4791-459E-A54C-86E3CA20ABCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB16B56D-6894-4B22-B9E3-5CA4928DFA3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4CEA560C-9570-42A4-9A65-18298E95F24A}C:\program files\microsoft office\office15\lync.exe] => (Block) C:\program files\microsoft office\office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D942451C-C914-49BA-8F89-010784F8AC4C}C:\program files\microsoft office\office15\lync.exe] => (Block) C:\program files\microsoft office\office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ABFFDE26-491C-44CC-B2DB-436F339EA85B}C:\program files (x86)\1password 4\1password.exe] => (Allow) C:\program files (x86)\1password 4\1password.exe (AgileBits Inc. -> AgileBits)
FirewallRules: [UDP Query User{BC65A468-0CA8-4A70-AB0A-8921866324A7}C:\program files (x86)\1password 4\1password.exe] => (Allow) C:\program files (x86)\1password 4\1password.exe (AgileBits Inc. -> AgileBits)
FirewallRules: [TCP Query User{0B0D3DAD-9C33-4240-B3F8-A5BCC27935F9}C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{9F4FCB2E-9DE1-457F-9415-8ECC43CA54C0}C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [{4DCE8E8D-56EA-4A8E-88F9-0A05873766AD}] => (Block) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [{35E835DA-409B-4D75-B65D-F0D2C35F6FBC}] => (Block) C:\users\dell\appdata\local\popcorn-time\popcorn-time.exe (The NW.js Community) [File not signed]
FirewallRules: [TCP Query User{9C212D17-E539-45C2-A889-C67F3B029D83}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{CFEE9295-CAE6-49E2-A7D1-B848F8BE0EEB}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{734275E1-CAFF-4F13-98B4-C6B59EBC2EDB}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{DB2C8C3E-B4D0-4915-8EE1-C169DE16B0DD}C:\users\dell\appdata\local\viber\qtwebengineprocess.exe] => (Block) C:\users\dell\appdata\local\viber\qtwebengineprocess.exe (Viber Media S.à r.l. -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{9810121D-C4E3-444C-99AE-833A7F90657D}C:\users\dell\appdata\local\viber\viber.exe] => (Allow) C:\users\dell\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.à r.l.)
FirewallRules: [UDP Query User{E3B0BF19-87D6-4955-A46F-DD8950068937}C:\users\dell\appdata\local\viber\viber.exe] => (Allow) C:\users\dell\appdata\local\viber\viber.exe (Viber Media S.à r.l. -> Viber Media S.à r.l.)
FirewallRules: [{B1975469-63F0-423C-9048-2A1685F11B3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A219160A-61E5-4CFF-B4AE-06B90C0BAFF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/15/2021 07:33:36 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2021-01-20T08:19:36Z. Error Code: 0x80041321.

Error: (01/15/2021 07:31:05 PM) (Source: COM+) (EventID: 4691) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4441) (User: )
Description: A MS DTC component has encountered an internal error. The process is being terminated. Error Specifics: DtcSystemShutdown (d:\w7rtm\com\complus\dtc\dtc\msdtc\src\msdtc.cpp@2539): Shutting down with an error

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4112) (User: )
Description: Could not start the MS DTC Transaction Manager.

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4185) (User: )
Description: MS DTC Transaction Manager start failed. LogInit returned error 0x2. This is expected if the corresponding volume has been restored (search for kb article regarding the issue). In all other cases, contact product support.

Error: (01/15/2021 07:31:05 PM) (Source: MSDTC) (EventID: 4163) (User: )
Description: MS DTC log file not found. After ensuring that all Resource Managers coordinated by MS DTC have no indoubt transactions, please run msdtc -resetlog to create the log file.

Error: (01/15/2021 07:28:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/15/2021 07:28:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe".Error in manifest or policy file "C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe.Config" on line 0.
Invalid Xml syntax.

System errors:
=============
Error: (01/15/2021 07:31:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.

Error: (01/15/2021 07:30:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Client Management Service service hung on starting.

Error: (01/15/2021 07:29:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinZip Compression Smart Monitor Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TunMirror service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira System Speedup service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/15/2021 07:27:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll

Error: (01/15/2021 07:27:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll

==================== Memory info =========================== 

BIOS: Dell Inc. A12 09/07/2012
Motherboard: Dell Inc. 0NJT03
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 91%
Total physical RAM: 8086.17 MB
Available physical RAM: 712.26 MB
Total Virtual: 16170.52 MB
Available Virtual: 6868.09 MB

==================== Drives ================================

Drive 😄 (OS) (Fixed) (Total:911.88 GB) (Free:776.11 GB) NTFS
Drive h: () (Removable) (Total:1.84 GB) (Free:1.5 GB) FAT

\\?\Volume{b4274ec4-4091-11e7-96f8-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:19.53 GB) (Free:10.53 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 3984C600)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[kevinf80]

Hiya AndyCY,

Thanks for those logs, continue:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more. NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The following directories are emptied:   Windows Temp Users Temp folders Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History Recently opened files cache Flash Player cache Java cache Steam HTML cache Explorer thumbnail and icon cache BITS transfer queue (qmgr*.dat files) Recycle Bin Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix. The system will be rebooted after the fix has run. Next, Download Sophos Free Virus Removal Tool and save it to your desktop. If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete..... Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...   Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View log file... (bottom left hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found please confirm that result.... The Virus Removal Tool scans the following areas of your computer: Memory, including system memory on 32-bit (x86) versions of Windows The Windows registry All local hard drives, fixed and removable Mapped network drives are not scanned. Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan. Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs Let me see those logs in your reply.. Thank you, Kevin..

 

fixlist.txt

[AndyCY]

Kevin, When trying to download fixlist.txt I get "This file is dangerous, so Chrome has blocked it."

Why is this so?

[kevinf80]

Hiya AndyCY,

The file is not dangerous, do you not get an option to accept the download...

Thanks,

Kevin..

[kevinf80]

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks