Salut, au cours des deux dernières semaines.cootlogix.com
J'ai aussi eu deux fausses notifications Macafee apparaître la semaine dernière.Y a-t-il une sorte de logiciels malveillants sur mon ordinateur?
Voici mes journaux
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021Ran by Karl (administrator) on DESKTOP-16K24BG (Dell Inc. Inspiron 3847) (03-01-2022 12:13:03)Running from C:\Users\Karl\DesktopLoaded Profiles: KarlPlatform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: English (United States)Default browser: EdgeBoot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe(Bose Corporation -> Bose Corporation) C:\Program Files (x86)\Bose Updater\BOSEUPDATER.EXE(CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe(McGraw-Hill Global Education Holdings, LLC -> McGraw-Hill Education.) C:\Program Files (x86)\Tegrity\Recorder\TegrityTray.exe(McGraw-Hill Global Education Holdings, LLC -> McGraw-Hill Education.) C:\Program Files (x86)\Tegrity\Recorder\TegSrv.exe(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe(Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel® Rapid Storage Technology -> Intel Corporation)HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-15] (Avast Software s.r.o. -> AVAST Software)HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [610048 2015-01-20] (Waves Inc -> Waves Audio Ltd.)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [Tegrity Recorder] => C:\Program Files (x86)\Tegrity\Recorder\TegrityTray.exe [3497096 2021-04-29] (McGraw-Hill Global Education Holdings, LLC -> McGraw-Hill Education.)HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [9D39648BBF76274FA8F096F63620B916EB70D428._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Karl\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-10-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [CEEC4A44D38ACE3E288170E090228E2B93A1D86A._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [Bose Updater] => C:\Program Files (x86)\Bose Updater\BOSEUPDATER.EXE [414552 2021-04-22] (Bose Corporation -> Bose Corporation)HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Run: [MicrosoftEdgeAutoLaunch_89FA64FC532004CF774213CDEE737028] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5HKLM\...\Windows x64\Print Processors\Canon MG3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-levelHKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2021-12-16] (Avast Software s.r.o. -> AVAST Software)HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-levelHKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTIONHKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0101B5E3-59D3-43FB-ABB7-2A1AC65BC146} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Karl\Desktop\esetonlinescanner.exe [11697056 2021-05-30] (ESET, spol. s r.o. -> ESET)Task: {06814E3C-3188-4C28-B776-2E3AAC47B09C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1171352 2021-12-26] (Microsoft Corporation -> Microsoft Corporation)Task: {07124A2F-66A6-4032-A47C-89BD72BDB4A2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-26] (Microsoft Corporation -> Microsoft Corporation)Task: {1037381A-48DC-4F3C-B9A0-CEBCFD1AE1C1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)Task: {120EFA7B-3EF0-4D53-A6EF-5ACEBC9663CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)Task: {135A314F-F66B-4C0E-B7F2-8691A62DC183} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [41432 2017-09-22] (Dell Inc. -> Dell Inc.)Task: {148D6A67-6138-4501-82C5-037A9CC6BC1A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-08-18] (CyberLink Corp. -> CyberLink)Task: {1A44E1E3-7E34-4C7F-B275-E02F1CAC928D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)Task: {1B6E9850-2561-4676-84D1-88FAD7CBE01C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.)Task: {1D7A8C6C-7059-4EF9-B7E3-2F45B17BEB42} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)Task: {4EDE343F-8FFF-437D-88C8-AA16E90B47E8} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)Task: {5B6BF415-CEE3-4107-A9BA-0085F0AD82B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)Task: {6986C940-CDCE-47B6-B847-58801BBB64CB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)Task: {712D8BA1-9366-42D9-870B-8ECAC9830D0D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)Task: {825CB9F6-DB1D-4F56-94B0-53A57E188B26} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-31] (Google Inc -> Google Inc.)Task: {83D6C469-88CF-4967-BBDD-326AA357F08B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)Task: {83EA4A2F-0643-4009-B36B-654DD9C9A3FE} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4188240 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)Task: {85C86558-5F39-4307-A9EC-54CD371A40EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-31] (Google Inc -> Google Inc.)Task: {8623ED4D-5264-4687-8F8D-2BCF83A1AFFA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)Task: {8F03115B-5809-408D-8200-91D640002831} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)Task: {904C1360-CC43-46CA-8025-30886A1D92B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-26] (Microsoft Corporation -> Microsoft Corporation)Task: {94EDBE26-0213-49BF-BAE7-3AA8DE402B50} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Karl\Desktop\esetonlinescanner.exe [11697056 2021-05-30] (ESET, spol. s r.o. -> ESET)Task: {99851DBE-74CC-4F9A-ADA1-9400D99AC6D7} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)Task: {A85256DF-D6BC-4FAA-8548-34AC31FD5AC4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-15] (Avast Software s.r.o. -> AVAST Software)Task: {AE8A7F01-9D51-4680-87D1-37ABCA5DEA2A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)Task: {B17CD37E-60AC-4505-A8C7-38961B380D9C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)Task: {B2B3177C-A62C-441F-BDF2-FA63EBD6931C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)Task: {BB5ACDD7-E97C-489B-8093-B5C92BDA46F7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECKTask: {D8E1F00F-1A6F-4FA3-AC08-299CFF10B17B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-26] (Microsoft Corporation -> Microsoft Corporation)Task: {E3766173-F85F-4FAD-B3DC-5389A271006E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )Task: {E9D45A14-3D02-4954-8DD9-92AB3D19423B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-26] (Microsoft Corporation -> Microsoft Corporation)Task: {E9D5FAEC-398F-46C9-811B-F177311BCCEB} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)Task: {F5F4AFF0-CDE4-467A-9BE6-191C2C6760F7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{68187fba-e276-4c35-a6e8-eee4dfee52d2}: [DhcpNameServer] 192.168.1.254Tcpip\..\Interfaces\{d13e5ed1-bc2a-4889-954e-8178ef121991}: [DhcpNameServer] 172.20.10.1Tcpip\..\Interfaces\{dd3db322-99a2-4290-acc4-c00bbd23a51c}: [NameServer] 68.94.156.1,68.94.157.1 Edge: =======DownloadDir: C:\Users\Karl\DownloadsEdge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]Edge DefaultProfile: DefaultEdge Profile: C:\Users\Karl\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-03]Edge DownloadDir: Default -> C:\Users\Karl\DownloadsEdge StartupUrls: Default -> "hxxps://foxnews.com/"Edge Extension: (Outlook) - C:\Users\Karl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-18]Edge Extension: (Word) - C:\Users\Karl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-18]Edge Extension: (Excel) - C:\Users\Karl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-18]Edge Extension: (PowerPoint) - C:\Users\Karl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-18] FireFox:========FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-2734807341-1840022031-4114434489-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Karl\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)FF Plugin HKU\S-1-5-21-2734807341-1840022031-4114434489-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Karl\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)FF Plugin HKU\S-1-5-21-2734807341-1840022031-4114434489-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Karl\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)FF Plugin ProgramFiles/Appdata: C:\Users\Karl\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-01-14] Chrome: =======CHR DefaultProfile: DefaultCHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default [2022-01-03]CHR Notifications: Default -> hxxps://humana.secure.force.com; hxxps://mail.yahoo.com; hxxps://www.pcmag.com; hxxps://www.reddit.comCHR HomePage: Default -> hxxps://www.google.com/CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.ighome.com/"CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}CHR DefaultSearchKeyword: Default -> duckduckgo.comCHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtabCHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=listCHR Extension: (Slides) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]CHR Extension: (Docs) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]CHR Extension: (Google Drive) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]CHR Extension: (DuckDuckGo) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-10-04]CHR Extension: (YouTube) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]CHR Extension: (uBlock Origin) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-03]CHR Extension: (Adobe Acrobat) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-21]CHR Extension: (Sheets) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]CHR Extension: (Google Docs Offline) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-16]CHR Extension: (Cisco Webex Extension) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-11-30]CHR Extension: (Chrome Web Store Payments) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]CHR Extension: (Gmail) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-03]CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-25]CHR Extension: (Slides) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-19]CHR Extension: (Docs) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-19]CHR Extension: (Google Drive) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-19]CHR Extension: (YouTube) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-19]CHR Extension: (Adobe Acrobat) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-19]CHR Extension: (Sheets) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-19]CHR Extension: (Google Docs Offline) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-19]CHR Extension: (Chrome Web Store Payments) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-19]CHR Extension: (Gmail) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-19]CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-01-03]CHR Extension: (Slides) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-22]CHR Extension: (Docs) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-22]CHR Extension: (Google Drive) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-22]CHR Extension: (YouTube) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-22]CHR Extension: (Adobe Acrobat) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-30]CHR Extension: (Sheets) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-22]CHR Extension: (Google Docs Offline) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-02]CHR Extension: (Chrome Web Store Payments) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-22]CHR Extension: (Gmail) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-22]CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-12-02]CHR Extension: (Slides) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-17]CHR Extension: (Docs) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-17]CHR Extension: (Google Drive) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-17]CHR Extension: (YouTube) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-17]CHR Extension: (Adobe Acrobat) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-02]CHR Extension: (Sheets) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-17]CHR Extension: (Google Docs Offline) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-02]CHR Extension: (Chrome Web Store Payments) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-17]CHR Extension: (Gmail) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-17]CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-03]CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-07] (Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed]S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-15] (Avast Software s.r.o. -> AVAST Software)S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-29] (Avast Software s.r.o. -> AVAST Software)R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc -> Dell Inc.)R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc -> Dell Inc.)R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc -> Dell Inc.)R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.)R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-30] (Malwarebytes Inc -> Malwarebytes)S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-17] (Microsoft Windows -> Microsoft Corporation)R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] (CyberLink Corp. -> )R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc. -> Dell Inc.)R2 TegSrv; C:\Program Files (x86)\Tegrity\Recorder\TegSrv.exe [172376 2021-04-29] (McGraw-Hill Global Education Holdings, LLC -> McGraw-Hill Education.)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-15] (Avast Software s.r.o. -> AVAST Software)R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-15] (Avast Software s.r.o. -> AVAST Software)S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-07-27] (Techporch Incorporated -> Dell Inc.)R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation)R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-11] (Malwarebytes Inc -> Malwarebytes)S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-12-01] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-01-03 07:53 - 2022-01-03 07:53 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys2021-12-31 10:14 - 2021-12-31 10:14 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys2021-12-28 05:37 - 2021-12-28 05:37 - 000000166 _____ C:\Users\Karl\Desktop\ss-AAS48jX.url2021-12-15 23:12 - 2021-12-15 23:12 - 000000000 ____D C:\WINDOWS\SystemTemp2021-12-15 22:24 - 2021-12-15 22:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe2021-12-15 22:24 - 2021-12-15 22:24 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim2021-12-15 22:22 - 2021-12-15 22:22 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe2021-12-15 22:22 - 2021-12-15 22:22 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe2021-12-15 21:42 - 2021-12-15 21:42 - 000000000 ___HD C:\$WinREAgent2021-12-15 07:05 - 2021-12-15 07:05 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys2021-12-15 06:59 - 2021-12-15 06:58 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2021-12-15 06:59 - 2021-12-15 06:58 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys2021-12-11 08:36 - 2022-01-03 11:17 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2734807341-1840022031-4114434489-10012021-12-05 15:57 - 2021-12-05 15:57 - 000017335 _____ C:\Users\Karl\Documents\SN S1-5(AutoRecovered).xlsx2021-12-04 09:57 - 2022-01-03 11:21 - 000128268 _____ C:\Users\Karl\Documents\TV Series(AutoRecovered)(AutoRecovered) (version 1)(AutoRecovered) (version 1) (version 1) (version 1) (version 1).xlsb.xlsx ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-01-03 12:15 - 2017-12-08 14:57 - 000037841 _____ C:\Users\Karl\Desktop\FRST.txt2022-01-03 12:15 - 2017-12-08 14:56 - 000000000 ____D C:\FRST2022-01-03 12:10 - 2020-09-14 20:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy2022-01-03 12:10 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft2022-01-03 11:38 - 2016-05-13 19:50 - 000000000 ____D C:\Program Files (x86)\Google2022-01-03 11:20 - 2020-08-13 11:29 - 002311168 _____ (Farbar) C:\Users\Karl\Desktop\FRST64.exe2022-01-03 11:17 - 2020-12-30 20:08 - 000002962 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn2022-01-03 11:17 - 2020-12-30 20:08 - 000002582 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime2022-01-03 11:17 - 2020-09-14 20:47 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task2022-01-03 11:17 - 2020-09-14 20:47 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA2022-01-03 11:17 - 2020-09-14 20:47 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA2022-01-03 11:17 - 2020-09-14 20:47 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore2022-01-03 11:17 - 2020-09-14 20:47 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore2022-01-03 11:17 - 2020-09-14 20:47 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2734807341-1840022031-4114434489-10012022-01-03 11:17 - 2020-09-14 20:47 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton2022-01-03 11:17 - 2020-09-14 20:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software2022-01-03 11:15 - 2019-05-24 08:14 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services2022-01-03 07:53 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF2022-01-01 15:46 - 2017-10-03 21:53 - 000029478 _____ C:\Users\Karl\Documents\portfol.xlsx2022-01-01 07:20 - 2020-09-14 20:47 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update2021-12-31 11:02 - 2018-08-04 09:45 - 000000000 ____D C:\Users\Karl\AppData\Local\CrashDumps2021-12-31 10:21 - 2020-09-14 20:30 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI2021-12-31 10:16 - 2016-05-13 16:30 - 000000000 __SHD C:\Users\Karl\IntelGraphicsProfiles2021-12-31 10:15 - 2017-05-17 07:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat2021-12-31 10:14 - 2020-09-14 20:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT2021-12-31 10:14 - 2020-09-14 20:16 - 000008192 ___SH C:\DumpStack.log.tmp2021-12-31 10:14 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState2021-12-31 10:14 - 2017-05-13 05:18 - 000000000 ____D C:\ProgramData\AVAST Software2021-12-31 10:13 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI2021-12-26 12:47 - 2020-12-24 20:58 - 000094368 _____ C:\Users\Karl\Documents\2010s (version 1).xlsb.xlsx2021-12-26 08:32 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps2021-12-26 08:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness2021-12-26 07:22 - 2016-05-06 03:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office2021-12-26 07:18 - 2018-07-16 05:59 - 000000000 ____D C:\Users\Karl\AppData\Local\PlaceholderTileLogoFolder2021-12-17 19:23 - 2020-08-23 04:56 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk2021-12-17 19:23 - 2020-08-23 04:56 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk2021-12-16 15:44 - 2018-05-17 05:29 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk2021-12-16 15:44 - 2018-05-17 05:29 - 000002465 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk2021-12-15 23:15 - 2020-09-14 20:16 - 000443496 _____ C:\WINDOWS\system32\FNTCACHE.DAT2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning2021-12-15 23:12 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr2021-12-15 22:34 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp2021-12-15 21:41 - 2016-05-13 18:48 - 000000000 ____D C:\WINDOWS\system32\MRT2021-12-15 21:36 - 2016-05-13 18:48 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2021-12-15 06:59 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP2021-12-15 06:58 - 2020-10-15 04:56 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2021-12-15 06:58 - 2020-04-15 10:35 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys2021-12-15 06:58 - 2019-01-06 07:13 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys2021-12-15 06:58 - 2019-01-06 07:13 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys2021-12-15 06:58 - 2018-10-20 16:35 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys2021-12-15 06:58 - 2018-05-14 07:37 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2021-12-15 06:58 - 2018-05-14 07:37 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys2021-12-15 06:58 - 2018-05-14 07:37 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys2021-12-15 06:58 - 2018-05-14 07:37 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys2021-12-15 06:57 - 2019-01-14 11:13 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys2021-12-15 06:57 - 2019-01-06 07:13 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys2021-12-15 06:57 - 2018-05-14 07:37 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys2021-12-15 06:57 - 2018-05-14 07:37 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys2021-12-14 17:43 - 2016-07-31 15:39 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk2021-12-14 17:43 - 2016-07-31 15:39 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk2021-12-14 17:29 - 2020-09-14 09:27 - 000000000 ____D C:\Users\Karl2021-12-08 17:56 - 2020-09-14 09:27 - 000002382 _____ C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2021-12-05 13:17 - 2020-06-24 17:32 - 000256283 _____ C:\Users\Karl\Documents\IHP.xlsb.xlsx ==================== Files in the root of some directories ======== 2020-04-19 17:25 - 2020-04-19 17:37 - 000001393 _____ () C:\Program Files (x86)\2020 FootballFbRules2020-04-19 17:37 - 2020-04-19 17:37 - 000000000 _____ () C:\Program Files (x86)\2020 FootballSKED ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021Ran by Karl (03-01-2022 12:17:27)Running from C:\Users\Karl\DesktopMicrosoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-09-15 02:49:08)Boot Mode: Normal============================================================================== Accounts: =============================(If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2734807341-1840022031-4114434489-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-2734807341-1840022031-4114434489-503 - Limited - Disabled)Guest (S-1-5-21-2734807341-1840022031-4114434489-501 - Limited - Disabled)Karl (S-1-5-21-2734807341-1840022031-4114434489-1001 - Administrator - Enabled) => C:\Users\KarlWDAGUtilityAccount (S-1-5-21-2734807341-1840022031-4114434489-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Action! PC Football 2015 (HKLM-x32\...\ST6UNST #1) (Version:- )Action! PC Football 2016 (HKLM-x32\...\ST6UNST #2) (Version:- )Action! PC Football 2017 (HKLM-x32\...\ST6UNST #3) (Version:- )Action! PC Football 2018 (HKLM-x32\...\ST6UNST #4) (Version:- )Action! PC Football 2019 (HKLM-x32\...\ST6UNST #5) (Version:- )Action! PC Football 2020 (HKLM-x32\...\ST6UNST #6) (Version:- )Action! PC Football 2021 (HKLM-x32\...\ST6UNST #7) (Version:- )Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)Adobe Connect 9 Add-in (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Adobe Connect 9 Add-in) (Version: 11.9.980.387 - Adobe Systems Incorporated)Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 96.1.13589.111 - AVAST Software)Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) HiddenBlueJ (HKLM-x32\...\{423AD5E6-58A1-4EDE-AB87-AFD951847AA5}) (Version: 4.1.1 - BlueJ Team)Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)Bose Updater (HKLM-x32\...\Bose Updater) (Version: 7.0.27.4971 - Bose Corporation)Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version:- Canon Inc.)Cisco Webex Meetings (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\ActiveTouchMeetingClient) (Version: 40.6.4 - Cisco Webex LLC)CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) HiddenDell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) HiddenDell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)Dropbox 20 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) HiddenExcel (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) HiddenIntel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)iTunes (HKLM\...\{0B3CC856-3A62-443A-B6CE-DED2D4495D56}) (Version: 12.12.2.2 - Apple Inc.)Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.5073.107 - Waves Audio Ltd.) HiddenMicrosoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)Microsoft OneDrive (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)Microsoft Teams (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) HiddenOffice 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) HiddenOutlook (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)PowerPoint (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) HiddenRealtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)Screencast-O-Matic v2 (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Screencast-O-Matic v2) (Version:- Screencast-O-Matic)Screencast-O-Matic v2.0 (HKLM-x32\...\Screencast-O-Matic v2.0) (Version: v2.0 - Screencast-O-Matic)Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.8.0 - Sophos Limited)Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)Tegrity Download Manager (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\Tegrity Download Manager) (Version: 3.1.9.0 - Tegrity)Tegrity Recorder (HKLM-x32\...\{709f9647-e6f5-4444-b734-7576cef98d2b}) (Version: 7.5.2568 - Tegrity)Tegrity video podcasting utils (HKLM-x32\...\{5E0B80FA-6B72-42BB-85AA-4680DD6B6613}) (Version: 1.3.3 - Tegrity)Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)Zoom (HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages:=========Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.208.400.0_x86__kgqvnymyfvs32 [2021-12-09] (king.com)Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-12] (Dell Inc)Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2016-06-28] (Dell Inc)Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-26] (Microsoft Studios) [MS Ad]Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Corporation)Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-01] (Adobe Systems Incorporated)SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.3.0.0_x86__rqs2nt378nwsp [2017-10-08] (Dell Inc.)Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.5_neutral__jc2kecmnkxwqc [2021-09-29] (word.office.com)Yahoo Mail -> C:\Program Files\WindowsApps\YahooInc.54977BD360724_1.1.14.0_x64__xvnatx83ncrvj [2018-07-16] (Yahoo Inc) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Karl\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21209.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Karl\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{AEECE333-8900-4915-9697-7A0B4034B3D8}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{BAEE998A-9C95-4966-8E52-DBCA67D8482A}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptoiEnt64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{C3741FD4-FABE-4C36-88E7-40C0C09FCE8D}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Karl\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No FileCustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{E8D0CE8D-BC70-4025-978F-E86068362730}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptusredt64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{EA47D2DE-76CC-4138-97FF-A62F9D28A341}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptolkadd64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)CustomCLSID: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001_Classes\CLSID\{F6E0DEDD-F6D5-4195-BE2D-AB628A0BBDF4}\InprocServer32 -> C:\Users\Karl\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-15] (Avast Software s.r.o. -> AVAST Software)ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-15] (Avast Software s.r.o. -> AVAST Software)ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>-> No FileContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>-> No FileContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-15] (Avast Software s.r.o. -> AVAST Software)ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>-> No FileContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (CyberLink Corp. -> Cyberlink)ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (CyberLink Corp. -> Cyberlink)ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-15] (Avast Software s.r.o. -> AVAST Software)ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>-> No FileContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>-> No FileContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>-> No FileContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>-> No FileContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-15] (Avast Software s.r.o. -> AVAST Software)ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>-> No FileContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>-> No File ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Karl\Desktop\Karl (Person 2) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"ShortcutWithArgument: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->--profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/ShortcutWithArgument: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->--profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/ShortcutWithArgument: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->--profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/ ==================== Loaded Modules (Whitelisted) ============= 2021-04-22 12:11 - 2021-04-22 12:11 - 000783360 _____ () [File not signed] C:\Program Files (x86)\Bose Updater\aws-cpp-sdk-core.dll2021-04-22 12:11 - 2021-04-22 12:11 - 002565632 _____ () [File not signed] C:\Program Files (x86)\Bose Updater\aws-cpp-sdk-s3.dll2021-04-29 06:25 - 2021-04-29 06:25 - 000039936 _____ () [File not signed] C:\Program Files (x86)\Tegrity\Recorder\LiteZip.dll2021-04-29 06:30 - 2021-04-29 06:30 - 000136704 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\AsfUtils.dll2021-04-29 06:34 - 2021-04-29 06:34 - 000813568 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\ConfigManager.dll2021-04-29 06:32 - 2021-04-29 06:32 - 000204800 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\NetworkUtils.dll2021-04-29 06:35 - 2021-04-29 06:35 - 000644608 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\postProcDLL.dll2021-04-29 06:33 - 2021-04-29 06:33 - 000260608 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\SessionVerifier.dll2021-04-29 06:33 - 2021-04-29 06:33 - 000093184 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\SpeechSource.dll2021-04-29 06:32 - 2021-04-29 06:32 - 000078336 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\TDbg.dll2021-04-29 06:33 - 2021-04-29 06:33 - 000361984 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\TEventLog.dll2021-04-29 06:30 - 2021-04-29 06:30 - 000124416 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\TLog.dll2021-04-29 06:30 - 2021-04-29 06:30 - 000340992 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\Utils.dll2021-04-29 06:30 - 2021-04-29 06:30 - 000214528 _____ (McGraw-Hill Education.) [File not signed] C:\Program Files (x86)\Tegrity\Recorder\WMFUtils.dll2021-04-22 12:11 - 2021-04-22 12:11 - 001192960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\platforms\QWINDOWS.DLL2021-04-22 12:11 - 2021-04-22 12:11 - 005087232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5Core.dll2021-04-22 12:11 - 2021-04-22 12:11 - 005353984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5Gui.dll2021-04-22 12:11 - 2021-04-22 12:11 - 001042944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5Network.dll2021-04-22 12:11 - 2021-04-22 12:11 - 000065536 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5SerialPort.dll2021-04-22 12:11 - 2021-04-22 12:11 - 004532224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5Widgets.dll2021-04-22 12:11 - 2021-04-22 12:11 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Bose Updater\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-2734807341-1840022031-4114434489-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTEBHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\sharepoint.com -> hxxps://studentsuwc-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 01:24 - 2019-01-04 06:26 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karl\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaperDNS Servers: 68.94.156.1 - 68.94.157.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-2734807341-1840022031-4114434489-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{3E374083-9A3D-44DD-BA6A-2AC84CADAB1C}] => (Allow) C:\Program Files (x86)\Action! PC Football 2020\Football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [{A91BEA14-F156-4FFE-A231-327187E5B8DD}] => (Allow) C:\Program Files (x86)\Action! PC Football 2020\Football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [{35351255-8D37-4256-BFB8-D4D7425949A8}] => (Allow) C:\Program Files (x86)\Action! PC Football 2020\Football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [{FF42B7AA-EFA8-4489-BB70-71A646FD5A9B}] => (Allow) C:\Program Files (x86)\Action! PC Football 2020\Football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [{8F2201E4-F85E-4BE0-9B87-3F0B20659BA0}] => (Allow) C:\Program Files (x86)\Action! PC Football 2020\Football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [UDP Query User{7DFE3DF2-B955-4D74-8F0D-69C20753E0C0}C:\users\karl\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\karl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [TCP Query User{708F2A8B-5D1E-46B0-9221-951F90F9E195}C:\users\karl\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\karl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [UDP Query User{010566D5-0410-4D21-8782-874C19C3A311}C:\users\karl\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Block) C:\users\karl\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [TCP Query User{EEA319C9-191C-462D-B562-D3708C2B7D1C}C:\users\karl\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Block) C:\users\karl\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [UDP Query User{2474DB59-5566-43FD-8F16-D68A0E228A31}C:\program files (x86)\action! pc football 2017\football2018.exe] => (Allow) C:\program files (x86)\action! pc football 2017\football2018.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [TCP Query User{40631C74-0A16-48D3-AEAA-A21E54A16B52}C:\program files (x86)\action! pc football 2017\football2018.exe] => (Allow) C:\program files (x86)\action! pc football 2017\football2018.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [{8B6CFFA2-ECF6-4207-B567-A17404FDA595}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{67B21346-E160-4719-9712-7F299F4D9A79}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDirector12\PDR10.EXE => No FileFirewallRules: [{39EDFBD7-E5C7-45C6-8ADC-DBB5FA7F150E}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)FirewallRules: [{886DAAB3-3F80-4ED1-A86F-2D7292783BDA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No FileFirewallRules: [{E73C3853-BA4E-43BD-87EE-B5826126F85D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{313ACC46-18A0-4247-847A-A16D0C07EBD5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{89F905F5-CF57-4885-A21D-9132F71613C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{CC26BCBF-B28F-4058-BFDE-9FCF47A93CBB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{0DE9CA67-8947-4BC3-AC60-B7750866B291}] => (Allow) C:\Program Files (x86)\Action! PC Football 2015\Football2015.exe (Dave Koch Sports) [File not signed]FirewallRules: [{64166165-CF14-46E6-B6A2-FEE40D2BE011}] => (Allow) C:\Program Files (x86)\Action! PC Football 2015\Football2015.exe (Dave Koch Sports) [File not signed]FirewallRules: [{4468730D-5937-443C-ACB0-B0BE2B8F06F5}] => (Allow) C:\Program Files (x86)\Action! PC Football 2015\Football2015.exe (Dave Koch Sports) [File not signed]FirewallRules: [{8561F567-AE47-4110-BB0C-9D565796A3DB}] => (Allow) C:\Program Files (x86)\Action! PC Football 2015\Football2015.exe (Dave Koch Sports) [File not signed]FirewallRules: [{0BAE6A2D-74C6-4D47-A591-FEBC16C27B04}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [{B6CEFCD1-8C76-4240-85D9-449C5DA44A4B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [{D14C3B13-C653-4BE3-A428-23C454FF854D}] => (Allow) C:\Users\Karl\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)FirewallRules: [TCP Query User{3FB02F90-A0CD-4989-9A44-E5DBB18A35D2}C:\program files (x86)\action! pc football 2018\football2019.exe] => (Allow) C:\program files (x86)\action! pc football 2018\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [UDP Query User{0D6BCF23-B522-4F51-B4CC-C1FCF431F578}C:\program files (x86)\action! pc football 2018\football2019.exe] => (Allow) C:\program files (x86)\action! pc football 2018\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [TCP Query User{3DB926B3-A92C-495E-A556-6B3625189C41}C:\program files (x86)\action! pc football 2019\football2019.exe] => (Allow) C:\program files (x86)\action! pc football 2019\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [UDP Query User{CF5F8900-CB16-42DB-8B1F-18E4AA143CC3}C:\program files (x86)\action! pc football 2019\football2019.exe] => (Allow) C:\program files (x86)\action! pc football 2019\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [{D96D5010-29AE-4CE7-99CF-DC3F694E103C}] => (Allow) C:\program files (x86)\action! pc football 2019\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [{BBCB0A02-F171-437F-AF1F-AC43235A9B6D}] => (Allow) C:\program files (x86)\action! pc football 2019\football2019.exe (Dave Koch Sports Inc.) [File not signed]FirewallRules: [TCP Query User{D86AAF22-A0EF-4236-A9ED-7EB409E5F5E3}C:\program files (x86)\2020 football\football2020.exe] => (Allow) C:\program files (x86)\2020 football\football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [UDP Query User{70ECAB99-D146-42E9-AAF0-04E4C6D61BB8}C:\program files (x86)\2020 football\football2020.exe] => (Allow) C:\program files (x86)\2020 football\football2020.exe (Dave Koch Sports) [File not signed]FirewallRules: [TCP Query User{02F87890-2E3B-40CA-93AB-5610E1BA71E2}C:\program files (x86)\action! pc football 2021\football2021.exe] => (Allow) C:\program files (x86)\action! pc football 2021\football2021.exe (Dave Koch Sports www.dksports.com) [File not signed]FirewallRules: [UDP Query User{420F3F0B-71F5-49EE-AC75-CEF9C9EA5E78}C:\program files (x86)\action! pc football 2021\football2021.exe] => (Allow) C:\program files (x86)\action! pc football 2021\football2021.exe (Dave Koch Sports www.dksports.com) [File not signed]FirewallRules: [{2DE20903-9687-4B43-B986-B0305351E7BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [{E828D472-6F9B-4300-A0CC-6344311B19F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [{85CFD857-3D4A-47AF-86A0-EE4C340BFA55}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{EEA5CE87-882E-48B4-876D-6968DE4A1766}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{A60981B5-1FDA-4956-BECD-AFB5C0983D10}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{FEDC6AF1-E6AB-434B-A524-DBFA9F17B42F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{78B0E995-08DE-4144-AA87-9AA042A85C47}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [{9A085C92-C3B2-4270-BA77-65383EB0108A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)FirewallRules: [{CF14C86C-3AFF-4198-81D3-96BAA4728892}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{50BDD901-5D33-4266-B735-F608D436AE03}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{6C1C2183-F6AB-4F81-9937-879026BAA13E}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{44B430AE-2020-4266-980B-6A7FB2B03111}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{48039454-96A1-4D55-B312-17E215EE3DA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{C9D2E588-D881-42B7-A50F-9133FC1D3D46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{BCCDCFBE-A60E-4CFF-B92D-2982761D91F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{DBD12EC6-6118-4F2A-BB4F-17766BA6B5B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)FirewallRules: [{3DF0471D-B52D-4097-8154-A19533CA85AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)FirewallRules: [{830D2C83-EA23-4B08-8C44-E2D64C3CDA9D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{AD5F2C18-2B81-41BF-A9B6-2EFB9C58FEB6}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{4D4A1392-DE5A-472D-8525-2878965F56F6}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)FirewallRules: [{16B2A957-4B71-425A-8954-CF74AFF1539F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 15-12-2021 21:51:05 Windows Modules Installer26-12-2021 08:34:49 Scheduled Checkpoint ==================== Faulty Device Manager Devices ================================ Event log errors: ======================== Application errors:==================Error: (01/03/2022 11:24:56 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (01/03/2022 11:24:56 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (01/02/2022 03:52:35 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program SearchApp.exe version 10.0.19041.1387 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3af4 Start Time: 01d7ffd239b6c2b3 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Report Id: 65168f17-a3da-4e1b-a267-d86f30eecb6e Faulting package full name: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: CortanaUI Hang type: Quiesce Error: (01/02/2022 09:29:26 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (01/02/2022 09:29:26 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (01/01/2022 09:18:50 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (01/01/2022 09:18:50 AM) (Source: .NET Runtime) (EventID: 1024) (User: )Description: .NET Runtime version : 4.0.30319.0 - This application could not be started.This application could not be started. Do you want to view information about this issue? Error: (12/31/2021 11:02:11 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: SearchApp.exe, version: 10.0.19041.1387, time stamp: 0xa2342d13Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844aException code: 0xc0000409Fault offset: 0x000000000010b302Faulting process id: 0x1c48Faulting application start time: 0x01d7fe655377e6d8Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exeFaulting module path: C:\WINDOWS\System32\KERNELBASE.dllReport Id: 5253da1e-4e77-4e8c-a598-2c7662e314bbFaulting package full name: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewyFaulting package-relative application ID: CortanaUISystem errors:=============Error: (01/02/2022 10:58:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-16K24BG)Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout. Error: (01/02/2022 10:58:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-16K24BG)Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca did not register with DCOM within the required timeout. Error: (12/31/2021 10:15:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/31/2021 10:15:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. Error: (12/31/2021 10:12:54 AM) (Source: Service Control Manager) (EventID: 7043) (User: )Description: The Avast Antivirus service did not shut down properly after receiving a preshutdown control. Error: (12/31/2021 08:32:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-16K24BG)Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout. Error: (12/30/2021 05:56:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-16K24BG)Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout. Error: (12/30/2021 05:56:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-16K24BG)Description: The server microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.CodeIntegrity:===============Date: 2022-01-03 11:17:22Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3240.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-01-03 11:17:18Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2022-01-03 06:15:09Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.==================== Memory info ===========================BIOS: Dell Inc. A08 06/29/2015Motherboard: Dell Inc. 088DT1Processor: Intel® Core i5-4460 CPU @ 3.20GHzPercentage of memory in use: 36%Total physical RAM: 12204.93 MBAvailable physical RAM: 7694.37 MBTotal Virtual: 16812.93 MBAvailable Virtual: 11120.08 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1850.4 GB) (Free:913.34 GB) NTFS \\?\Volume{28918f16-c330-46c1-bb22-059781161927}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS\\?\Volume{e850e851-065f-4373-8e5c-dd512fc2f402}\ (Image) (Fixed) (Total:11.5 GB) (Free:0.64 GB) NTFS\\?\Volume{041f121b-6fcc-4190-b285-d884c941710a}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partition Table ==================== ==========================================================Disk: 0 (Size: 1863 GB) (Disk ID: 13B99F53) Partition: GPT. ==================== End of Addition.txt =======================