[RESOLVED] Dell Inspiron 17 running slow
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2021
Ran by Kevin (administrator) on MAC (Dell Inc. Inspiron 17 7000 Series 7746) (14-04-2021 21:24:31)
Running from C:\Users\Kevin\Desktop
Loaded Profiles: Kevin
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Autodesk, Inc. -> ) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dassault Systèmes) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\VSSX64.exe
(Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Entertainment Experience LLC -> ) C:\Program Files\TrueColor\TrueColorALS.exe
(Entertainment Experience LLC -> Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Provo Craft & Novelty, Inc. -> Cricut, Inc.) C:\Users\Kevin\AppData\Roaming\Cricut Design Space\Web\taskbar-application-win32\Release\CricutTaskbarApplication.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Zoom Information Inc. -> ) C:\Users\Kevin\AppData\Local\ZoomInfoCEUtility\2214\coordinator.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3859968 2014-10-07] (Dell Inc.) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2799784 2014-09-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19491792 2014-12-25] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [605952 2014-07-30] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [665568 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [870368 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3840463180-259134987-2718017145-1001\...\Run: [ZoomInfo Contact Contributor] => C:\Users\Kevin\AppData\Local\ZoomInfoCEUtility\launch.bat [108 2020-08-04] () [File not signed]
HKU\S-1-5-21-3840463180-259134987-2718017145-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3840463180-259134987-2718017145-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3840463180-259134987-2718017145-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11221496 2021-03-09] (Support.com Inc -> SUPERAntiSpyware)
HKLM\...\Print\Monitors\EPSON WF-2650 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBMBE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [493568 2014-03-18] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cricut Taskbar Application.lnk [2019-04-20]
ShortcutTarget: Cricut Taskbar Application.lnk -> C:\Users\Kevin\AppData\Roaming\Cricut Design Space\Web\taskbar-application-win32\Release\CricutTaskbarApplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cricut Taskbar Application.lnk [2020-01-19]
ShortcutTarget: Cricut Taskbar Application.lnk -> C:\Users\Kevin\AppData\Roaming\Cricut Design Space\Web\taskbar-application-win32\Release\CricutTaskbarApplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02B0A2AD-0972-48F7-B1D4-928FC214D0E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06636855-088E-4EEC-8FDD-53DD6A2292FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {076B2C47-D697-427A-8ACF-6210770BF738} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {07F11A6B-C394-4C83-8DB4-FC157D807B52} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {0FBFDA9F-BF15-43BB-8DB7-83E1CD356E85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-18] (Google Inc -> Google Inc.)
Task: {13924255-5760-40F9-9A5A-E7B6F89940A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {154397B0-9E05-40FE-9C62-4FE214B53054} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {161A1EE0-1C9B-4381-9BC6-9609A3CE9B1C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {19DA0505-3428-4A35-96E8-83E44288C770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-18] (Google Inc -> Google Inc.)
Task: {1E2C9A91-8CD4-40AB-AA5D-E5711BAD4FB9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {1E844678-5E4F-4B41-BD6B-6ACD96272D33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {231977FB-009F-4435-B6CB-12EBF6470F1E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {2A216410-363F-4EDF-A2A9-8E9D05444620} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {358A93C4-976E-465A-BB3B-7F638C8CCEAB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {35BF08C4-2CC6-4A27-82FB-26F475D74501} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {425E04B3-2738-4010-B96D-163B098EAF56} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {4FC1F1D0-1BA5-45EE-9160-0D69E1FFFAE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51132DE9-0467-4826-8444-FBD9DF001CE0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {585FA7B3-65F7-4A8F-8EFD-337D74921ED8} - System32\Tasks\G2MUpdateTask-S-1-5-21-3840463180-259134987-2718017145-1001 => C:\Users\Kevin\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5A5EFFBB-D0E7-453E-9025-DD9FCA23D8B4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5E6EACA6-005E-407C-8728-F6A069C50503} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6039EC3A-3DD8-49C2-9E66-900B8579A486} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {61FE512B-D3A2-43EB-9870-8CF8DA62224A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {629BB22C-D7D0-43B6-8167-2D425AB83318} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {89BFFEC1-FA8B-4BD6-AE7C-F44C4A238C7A} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-12-04] (Rivet Networks LLC -> DELL)
Task: {96D00D1B-DA0F-4834-B64A-102FAAB01F5E} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {A2824CA7-A5E7-4855-B314-E4410D03DB52} - \WPD\SqmUpload_S-1-5-21-3840463180-259134987-2718017145-1001 -> No File <==== ATTENTION
Task: {A321898C-45BB-4F43-8DBD-0EA360F1BC54} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {A329E17C-07A7-474F-BCFB-D970BA57A276} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink)
Task: {AB2497F9-9931-4214-98E0-8DBC70FE0A2C} - System32\Tasks\G2MUploadTask-S-1-5-21-3840463180-259134987-2718017145-1001 => C:\Users\Kevin\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {ABF648AC-E34C-4DBD-9DDD-4B2830337DE6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {AFA8A7A3-12CA-489F-B22F-E3B07E8FB137} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B8798CE3-0559-46B6-A410-7089683C4889} - System32\Tasks\SUPERAntiSpyware Scheduled Task c7678fdf-6c0a-4904-a452-d3e0591d7f08 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:c7678fdf-6c0a-4904-a452-d3e0591d7f08
Task: {BF02F1ED-D196-4BFA-A8F9-5AB641A63471} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C277A910-C35A-4DCA-9AF8-A82A3615441B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C313DF04-EC4C-421C-A0BD-753CE89998CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C3343159-9DDB-43F7-97A1-B84399599042} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {C36EF305-15A6-4DC2-A51C-D458BBA69B44} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C456F1EA-4C6F-482D-933D-A4748021701C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D854E967-9B48-4010-BDFA-0EEF4B7C5BB4} - System32\Tasks\EPSON WF-2650 Series Update {8B305BCB-CE73-48EE-834D-3FFFF4261B0B} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {EE76F59F-3828-44AB-B65E-1C65AB694640} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEBAD564-DD6E-441D-816F-04695485E731} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120136 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F194A955-236A-418B-9C1C-AE9C0B2473E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {F3F92DF4-4025-4098-AE1A-EC1F4840BF3F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F40B4B6C-514F-49A6-97EE-3C2DB2F15665} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7d8c551d-a8d8-4c08-8c28-c79634f187a2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:7d8c551d-a8d8-4c08-8c28-c79634f187a2
Task: {F666CDF6-88B2-4B83-9F01-0CB7C9348154} - System32\Tasks\EPSON WF-2650 Series Update {4F616683-5A0C-4EB3-B6CE-41B7A160F1DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {F750B35F-EFCA-420D-8678-DC99BCBAAA58} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F95CBABA-3CF1-481D-B574-88FA556E587C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FAEE8D0A-6CB9-48CB-94F6-B525763EA92C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-25] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {4F616683-5A0C-4EB3-B6CE-41B7A160F1DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{4F616683-5A0C-4EB3-B6CE-41B7A160F1DC} /F:UpdateWORKGROUP\MAC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {8B305BCB-CE73-48EE-834D-3FFFF4261B0B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{8B305BCB-CE73-48EE-834D-3FFFF4261B0B} /F:UpdateWORKGROUP\MAC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3840463180-259134987-2718017145-1001.job => C:\Users\Kevin\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3840463180-259134987-2718017145-1001.job => C:\Users\Kevin\AppData\Local\GoToMeeting\19598\g2mupload.exe
Task: C:\WINDOWS\Tasks\RunDFS.job => cmd /c sc start Dell Foundation ServicesWORKGROUP MAC
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd /c sc start My Dell Learning CenterWORKGROUP MAC /
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 7d8c551d-a8d8-4c08-8c28-c79634f187a2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c7678fdf-6c0a-4904-a452-d3e0591d7f08.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{9b9ae6a9-73ad-4203-920f-f5fd08b78c76}: [DhcpNameServer] 209.18.47.62 209.18.47.61 209.18.47.63
Tcpip\..\Interfaces\{e3ae2b90-0690-4440-a72a-9cfe47a74652}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-3840463180-259134987-2718017145-1001 -> hxxp://www.yahoo.com/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kevin\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-14]
Edge Notifications: Default -> hxxps://www.tradingview.com
Edge HomePage: Default -> hxxp://www.yahoo.com/
FireFox:
========
FF DefaultProfile: bostehxn.default
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bostehxn.default [2021-04-14]
FF Homepage: Mozilla\Firefox\Profiles\bostehxn.default -> www.yahoo.com
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bostehxn.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-04-13]
FF Extension: (Avast Online Security) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bostehxn.default\Extensions\wrc@avast.com.xpi [2021-02-17]
FF SearchPlugin: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bostehxn.default\searchplugins\search-provided-by-bing.xml [2015-12-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin HKU\S-1-5-21-3840463180-259134987-2718017145-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Kevin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-04] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3840463180-259134987-2718017145-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2021-04-05] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3840463180-259134987-2718017145-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2021-04-05] (TD Ameritrade -> TD Ameritrade)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default [2017-01-06]
CHR StartupUrls: Default -> "hxxp://www.drudgereport.com/","hxxps://weather.com/weather/radar/interactive/l/45323:4:US","hxxp://www.facebook.com/","hxxps://www.google.com/#q=speed+test","hxxp://www.youtube.com/","hxxp://www.twitter.com/","hxxp://www.foxnews.com/"
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-23]
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-06]
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-04-14]
CHR Notifications: Profile 2 -> hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.tradingview.com; hxxps://www.youtube.com
CHR StartupUrls: Profile 2 -> "hxxps://twitter.com/login?redirect_after_login=%2Fhome","hxxps://www.forexfactory.com/calendar.php?week","hxxps://www.youtube.com/","hxxps://www.cftc.gov/MarketReports/CommitmentsofTraders/index.htm","hxxps://www.reuters.tv/","hxxps://finance.yahoo.com/","hxxps://finviz.com/","hxxps://fred.stlouisfed.org/series/DBAA#","hxxps://www.otcmarkets.com/research/stock-screener"
CHR Extension: (Slides) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Ledger Manager) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-03]
CHR Extension: (Sheets) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-04-14]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Data Scraper - Easy Web Scraping) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2021-03-06]
CHR Extension: (Gmail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] (Autodesk, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-16] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc -> Dell Inc.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-17] (Dassault Systèmes) [File not signed]
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-18] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink Corp. -> CyberLink)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (Dell Inc. -> SoftThinks SAS)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [94160 2014-12-25] (Entertainment Experience LLC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-10] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [155360 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-14 20:57 - 2021-04-14 21:24 - 000081616 _____ C:\Users\Kevin\Desktop\Addition.txt
2021-04-14 20:16 - 2021-04-14 21:27 - 000040052 _____ C:\Users\Kevin\Desktop\FRST.txt
2021-04-14 20:11 - 2021-04-14 20:11 - 002298368 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2021-04-14 20:03 - 2021-04-14 20:04 - 000000000 ____D C:\WINDOWS\LastGood
2021-04-14 05:41 - 2021-04-14 19:55 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Ledger Live
2021-04-14 05:41 - 2021-04-14 05:41 - 000001902 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledger Live.lnk
2021-04-14 05:41 - 2021-04-14 05:41 - 000001890 _____ C:\Users\Public\Desktop\Ledger Live.lnk
2021-04-14 05:41 - 2021-04-14 05:41 - 000001890 _____ C:\ProgramData\Desktop\Ledger Live.lnk
2021-04-14 05:41 - 2021-04-14 05:41 - 000000000 ____D C:\Users\Kevin\AppData\Local\ledger-live-desktop-updater
2021-04-14 05:41 - 2021-04-14 05:41 - 000000000 ____D C:\Program Files\Ledger Live
2021-04-14 05:40 - 2021-04-14 05:40 - 108584160 _____ (Ledger Live Team) C:\Users\Kevin\Downloads\ledger-live-desktop-2.25.1-win.exe
2021-04-13 21:09 - 2021-04-13 21:09 - 000000000 ____D C:\Users\Kevin\AppData\Local\exodus
2021-04-13 21:08 - 2021-04-13 21:08 - 113658680 _____ (Exodus Movement Inc) C:\Users\Kevin\Downloads\exodus-windows-x64-21.4.12.exe
2021-04-11 18:21 - 2021-04-11 18:21 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-11 18:20 - 2021-04-11 18:20 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-11 18:20 - 2021-04-11 18:20 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-11 18:20 - 2021-04-11 18:20 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-11 18:20 - 2021-04-11 18:20 - 000155360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-07 18:39 - 2021-04-07 18:39 - 002543174 _____ C:\Users\Kevin\Downloads\My Career Story Workbook.pdf
2021-03-26 20:08 - 2021-03-26 20:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-25 19:35 - 2021-03-26 23:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-14 21:27 - 2016-06-19 09:09 - 000000000 ____D C:\FRST
2021-04-14 21:25 - 2015-09-09 18:18 - 000000000 ____D C:\Users\Kevin\Documents\Outlook Files
2021-04-14 21:24 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-14 21:16 - 2015-06-17 18:25 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2021-04-14 21:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-14 21:11 - 2020-06-16 22:44 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-14 21:11 - 2020-06-16 22:44 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-14 21:11 - 2020-06-16 22:44 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-14 21:11 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-14 20:34 - 2015-06-25 05:44 - 000000000 ____D C:\Program Files\CCleaner
2021-04-14 20:32 - 2020-08-28 00:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-14 20:19 - 2015-06-23 18:57 - 000000000 ____D C:\ProgramData\softthinks
2021-04-14 20:09 - 2020-08-28 00:27 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-14 20:09 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-14 20:07 - 2017-01-14 22:17 - 000000000 ____D C:\Users\Kevin\AppData\LocalLow\Mozilla
2021-04-14 20:07 - 2015-06-27 19:23 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-14 20:04 - 2017-05-31 23:40 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-14 20:04 - 2015-06-23 18:50 - 000000000 __SHD C:\Users\Kevin\IntelGraphicsProfiles
2021-04-14 20:01 - 2020-08-28 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-14 20:01 - 2015-11-04 20:02 - 000000642 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3840463180-259134987-2718017145-1001.job
2021-04-14 20:01 - 2015-11-04 20:02 - 000000546 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3840463180-259134987-2718017145-1001.job
2021-04-14 20:00 - 2020-08-07 19:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-14 19:42 - 2020-08-28 01:12 - 000004142 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{887EED0E-162F-4F02-BDE0-20B26C8A305F}
2021-04-14 19:40 - 2017-12-31 16:15 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Exodus
2021-04-14 19:34 - 2020-08-28 01:12 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-13 21:09 - 2018-01-01 13:18 - 000002260 _____ C:\Users\Kevin\Desktop\Exodus.lnk
2021-04-13 21:09 - 2017-12-31 16:15 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-04-13 21:09 - 2017-12-31 16:15 - 000000000 ____D C:\Users\Kevin\AppData\Local\SquirrelTemp
2021-04-13 20:56 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-13 01:17 - 2020-08-28 01:12 - 000003786 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-3840463180-259134987-2718017145-1001
2021-04-13 01:17 - 2020-08-28 01:12 - 000003690 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-3840463180-259134987-2718017145-1001
2021-04-13 01:17 - 2017-07-09 04:41 - 000000000 ____D C:\Users\Kevin\AppData\Local\GoToMeeting
2021-04-12 20:51 - 2020-08-28 01:12 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-12 20:51 - 2020-08-28 01:12 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-12 05:19 - 2020-08-28 01:12 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3840463180-259134987-2718017145-1001
2021-04-12 05:18 - 2020-08-28 00:13 - 000002400 _____ C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-12 05:18 - 2015-06-23 18:53 - 000000000 ___RD C:\Users\Kevin\OneDrive
2021-04-11 20:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-11 20:17 - 2015-06-17 18:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-11 20:02 - 2015-12-11 22:33 - 000000000 ____D C:\Users\Kevin\.thinkorswim
2021-04-11 18:19 - 2020-12-18 22:35 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-11 17:13 - 2015-12-11 22:32 - 000000000 ____D C:\Program Files\thinkorswim
2021-04-11 06:07 - 2018-03-23 13:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 20:19 - 2017-10-16 22:24 - 000000000 ____D C:\Program Files (x86)\LMFX MetaTrader 4 Terminal
2021-04-02 04:22 - 2016-06-18 19:17 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 04:22 - 2016-06-18 19:17 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-02 04:22 - 2016-06-18 19:17 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-30 04:44 - 2018-07-07 20:34 - 000000000 ____D C:\Users\Kevin\AppData\Local\CrashDumps
2021-03-26 23:01 - 2020-08-28 01:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-03-26 23:00 - 2015-06-27 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-26 22:59 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-26 20:08 - 2015-06-27 19:24 - 000001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-23 20:38 - 2020-08-28 00:13 - 000000000 ____D C:\Users\Kevin
==================== Files in the root of some directories ========
2017-03-29 22:27 - 2017-03-29 22:41 - 000000132 _____ () C:\Users\Kevin\AppData\Roaming\Adobe GIF Format CS5 Prefs
2018-07-07 17:47 - 2018-07-07 18:56 - 000001137 _____ () C:\Users\Kevin\AppData\Roaming\apps.txt
2017-03-29 22:45 - 2017-03-30 18:25 - 000001456 _____ () C:\Users\Kevin\AppData\Local\Adobe Save for Web 12.0 Prefs
2018-01-01 13:28 - 2018-01-01 13:28 - 000000722 _____ () C:\Users\Kevin\AppData\Local\recently-used.xbel
2021-03-14 15:06 - 2021-03-14 15:06 - 000000017 _____ () C:\Users\Kevin\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================