Jump to content

All Activity

This stream auto-updates     

  1. Yesterday
  2. Last week
  3. kbradio

    Error when scanning

    Emailed this error several times and keep getting error. Also tried this http://cdn.superantispyware.com/SAS_ForceUpdate.exe and it didn't work. See attached error.
  4. Earlier
  5. kbradio

    Error when scanning

    The scan runs for 1 minute and get a pop-up stating an error occurred please submit your email with the error. Been doing this the last 4 months, my paid subscription is going to expire and can't use the program. TIA Frank.
  6. Hello, Just recently Fire Fox discontinued the Add-on extensions... I would like to know if the SAS Pro version can be setup to operate like Ghostery or Ublock Origin extensions?? I want to know if the SAS Pro version can stop all the Tracking cookies before they're saved on the computer..??? My system is WinXP and Fire Fox Thanks
  7. I have SAS set up to scan my computer every night sometime after midnight. If I don't exit out of my open Chrome windows at night, when I return in the morning, I will have lost my connection to the internet. When I try to reconnect to the internet via the Windows internet access interface, none of my available networks appear. When I try to reach the Network and Internet Settings via the Windows Settings route (ie, the gear button) I get a blue screen with a continual buffering symbol. My only recourse has been to restart Windows. (I am running Windows 10, btw.) This happens every time I forget to exit out of Chrome before leaving my computer for the evening. Obviously, the work-around for me is to exit out of Chrome every night, but I would prefer to fix whatever problem is happening so this isn't necessary. Any thoughts?
  8. NinaG

    Wi-Fi disappears after installing SAS

    I have a similar problem. I have SAS set up to scan my computer every night sometime after midnight. If I don't exit out of my open Chrome windows at night, when I return in the morning, I will have lost my connection to the internet. When I try to reconnect to the internet via the Windows internet access interface, none of my available networks appear. When I try to reach the Network and Internet Settings via the Windows Settings route (ie, the gear button) I get a blue screen with a continual buffering symbol. My only recourse has been to restart Windows. This happens every time I forget to exit out of Chrome before leaving my computer for the evening. Obviously, the work-around for me is to exit out of Chrome every night, but I would prefer to fix whatever problem is happening so this isn't necessary.
  9. My scheduled scan never automatically finishes? Always waiting for me to click on "continue" to finish it up, is there a way to fix this?
  10. geoff

    Tracking Cookies

    Hi BradEdit, Can you tell us what OS and version of Chrome ( chrome://settings/help or chrome://help )you are using? Also, what version of SAS do you have installed?
  11. BradEdit

    Tracking Cookies

    SuperAntiSpyware free addition has stopped finding tracking cookies. That's what I liked about this program. I haven't changed settings and tracking cookies are on in settings. Using Chrome. Why?
  12. Great. I thought is might have been a false positive, but wanted someone else's opinion. SAS kept pointing to an X86 HKCR/.bmp#content type[donman] registry entry. The key is still there, but now the SAS program is no longer registering a trojan warning.This has been happening off and on for the last few days. Unless anyone has any suggestions, I'm going to consider a false positive. Thanks for the help.
  13. GuiltySpark

    trojan.restore test in registry

    No outstanding issues that I can see.
  14. This one keeps reappearing. I've run farbar. Posting the FRST and ADDITION logs. Please look and let me know if this is a virus. Thanks. Kris Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-05.2019 Ran by Saye (administrator) on NEWCOMPUTER (Dell Inc. Inspiron 23 Model 5348) (03-05-2019 22:18:56) Running from C:\Users\Saye\Downloads Loaded Profiles: Saye & (Available Profiles: Saye) Platform: Windows 8.1 (Update) (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe () [File not signed] C:\Windows\SysWOW64\srvany.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Carbonite -> Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Dell Inc -> ) C:\Program Files (x86)\DELL\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistUI.exe (DELL Inc.) [File not signed] C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel(R) Smart Connect software -> Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\pcdrwi.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (TODO: <公司名>) [File not signed] C:\Windows\SysWOW64\SDIOAssist.exe (Wyse Technology Inc -> ) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2013-12-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-02-08] (Carbonite -> Carbonite, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-09] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\...\MountPoints2: {51c89a10-d0c9-11e4-8273-90489a859e1e} - "F:\LaunchU3.exe" HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-09] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\...\MountPoints2: {51c89a10-d0c9-11e4-8273-90489a859e1e} - "F:\LaunchU3.exe" HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-19] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-06-03] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel(R) Smart Connect software -> Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk [2015-04-04] ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation) [File not signed] Startup: C:\Users\Saye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-24] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0066D85E-CF98-4EAD-A106-3DE889AB17FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {17762800-6977-4ECA-B9EF-421079786732} - System32\Tasks\HP AR Program Upload - 9dc07e69cbf243ea8824e647f4f26e2eefa5e07fc45c44e082b1f3a0cf23a323 => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>) Task: {1A9F6EFE-E862-4D7C-B4B6-ADAD2A84BC65} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {3342D4F0-7027-45D3-B761-5A9FFD1622FD} - System32\Tasks\HP AR Program Upload - 950de00241fe4f5ba142f415f11a8c33b2e121c77f354d95bb2af61329b8714b => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>) Task: {54B8AAC4-4BE3-4A73-9ACF-303110E9FE4E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe) Task: {5E13DE77-161F-4B9F-9C18-4E674B2008C0} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [6762544 2012-07-09] (Dell Inc. -> Dell, Inc.) Task: {7259AF95-2CDD-4525-8245-33942DFADC05} - System32\Tasks\HP AR Program Upload - aa553d6b796342049626286156a02d4036973f13d7cd4e518f9b6013df9eee7d => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>) Task: {730A553D-A051-4C8D-A2B7-E0885C704721} - System32\Tasks\HP AR Program Upload - 443587a738be410885dc074f5b5688cf273f2c4b707f4bd1966fadd75d62fac1 => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>) Task: {75576785-EE5C-4DDF-A3AD-7097A72FD13F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {7AE36F81-D455-4109-A682-C70C03365AB3} - System32\Tasks\SUPERAntiSpyware Scheduled Task a0bc6b90-785b-45f6-b233-6715d315d11e => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) Task: {802E5BA4-261B-4A85-815E-8F85607DA89F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {8FE8EBAB-5AE0-4A7D-AB8E-A5FDE3B4DEBF} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [17200 2013-08-22] (Wyse Technology Inc -> ) Task: {92E030DD-1D18-4CCA-AEB8-F693FF37E40B} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters). Task: {971DA864-2CBE-4153-8B1C-E0F5B0440EDB} - System32\Tasks\PocketCloudUpdater => C:\Program [Argument = Files (x86)\Wyse\PocketCloud\Updater.exe] Task: {AC8B54F7-B1CE-4E83-BD47-6AD682B678FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {BA3DB1B3-E61B-45FA-9734-6610DC2D5188} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {BF888664-5728-4FF1-B176-2F24925B7A5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {C37B55F6-71E8-4596-B721-E22D9A43DEE8} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4029162235-4123474821-1798796012-1001 => C:\Users\Saye\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {C97EC7FB-91DD-45BC-A27D-F5E18E6A095B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.) Task: {D0E3FE01-E2EB-4C9B-8AC2-14BEABBAA042} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.) Task: {E294DDED-49E5-4127-AA8B-52C12BECFE90} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [713008 2013-08-22] (Wyse Technology Inc -> ) Task: {E9A8CAE8-A792-436C-9FF8-F2C0B65F9620} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe) Task: {E9AEC766-B1EA-4B31-B86E-6C01F32FA02F} - System32\Tasks\HP AR Program Upload - e33f35af5b684a8aad195e3bf0a93634346f2462db9e4bf291710884bfa3be19 => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>) Task: {EC6E6974-A545-44D0-AC74-050F56CE3F42} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {ED12A92E-6FBC-4700-A524-EF28C3A61358} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {EE21F529-F7CB-4A8D-80B8-505B5C6B734A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-04] (CyberLink Corp. -> CyberLink) Task: {F00DB129-0347-48EC-95A1-98C4C852ABEC} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0fd79c9c-29c6-4652-8553-9ce7bb369c73 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0fd79c9c-29c6-4652-8553-9ce7bb369c73.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a0bc6b90-785b-45f6-b233-6715d315d11e.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{EE1D3EA7-F743-410D-8B55-09CE2EA954FF}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.duckduckgo.com/ HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.duckduckgo.com/ SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001 -> DefaultScope {16682772-DA2A-4AE2-BC04-EF3AA0074FCF} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v158-3__ SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001 -> {16682772-DA2A-4AE2-BC04-EF3AA0074FCF} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v158-3__ SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001 -> {1B20846F-136E-48A0-9F0A-0AE525A01970} URL = SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682 -> DefaultScope {16682772-DA2A-4AE2-BC04-EF3AA0074FCF} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v158-3__ SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682 -> {16682772-DA2A-4AE2-BC04-EF3AA0074FCF} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v158-3__ SearchScopes: HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682 -> {1B20846F-136E-48A0-9F0A-0AE525A01970} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc -> Google Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc -> Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc -> Google Inc.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc -> Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Saye\AppData\Roaming\Mozilla\Firefox\Profiles\o3ypnvhb.default [2019-05-03] FF Homepage: Mozilla\Firefox\Profiles\o3ypnvhb.default -> hxxps://www.google.com/?gws_rd=ssl FF Extension: (Avira Browser Safety) - C:\Users\Saye\AppData\Roaming\Mozilla\Firefox\Profiles\o3ypnvhb.default\Extensions\abs@avira.com.xpi [2019-03-27] FF Extension: (NewTabURL) - C:\Users\Saye\AppData\Roaming\Mozilla\Firefox\Profiles\o3ypnvhb.default\Extensions\newtaburl@sogame.cat.xpi [2016-04-27] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> ) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.) [File not signed] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4029162235-4123474821-1798796012-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Saye\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (Visan Industries -> RocketLife, LLP) FF Plugin HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Saye\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (Visan Industries -> RocketLife, LLP) Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Default -> Avira CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en CHR Profile: C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default [2019-05-03] CHR Extension: (Docs) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-03] CHR Extension: (Google Drive) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-16] CHR Extension: (Avira Browser Safety) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-05-03] CHR Extension: (Google Docs Offline) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-03] CHR Extension: (Avira SafeSearch Plus) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2019-05-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-03] CHR Extension: (Chrome Media Router) - C:\Users\Saye\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-03] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.) R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-04-24] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [147456 2013-12-27] () [File not signed] R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> ) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2016-06-07] (Intel Corporation - pGFX -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-20] (Intel(R) Smart Connect software -> ) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 O2FLASH; C:\Windows\System32\drivers\o2flash.exe [65536 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2012-03-09] () [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink Corp. -> CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-12-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] (Wyse Technology Inc -> ) R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-05-08] (Techporch Incorporated -> Dell Inc.) R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-05] (Intel Corporation -> Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-03-26] (Malwarebytes Corporation -> Malwarebytes) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] (Intel(R) Smart Connect software -> ) R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] (Intel(R) Smart Connect software -> ) R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] (Intel(R) Smart Connect software -> ) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] (Intel(R) Smart Connect software -> ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-03-26] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-26] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-26] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-26] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-04-26] (Malwarebytes Corporation -> Malwarebytes) R3 O2FJ2RDR; C:\Windows\System32\drivers\O2FJ2w8x64.sys [210616 2014-05-14] (O2Micro -> BayHubTech/O2Micro ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) R4 DBUtil_2_3; \??\C:\Windows\TEMP\DBUtil_2_3.Sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-03 22:18 - 2019-05-03 22:18 - 000001212 _____ C:\Users\Saye\Desktop\mwreport.txt 2019-05-03 19:01 - 2019-05-03 19:01 - 002430464 _____ (Farbar) C:\Users\Saye\Downloads\FRSTEnglish.exe 2019-05-03 19:01 - 2019-05-03 19:01 - 000000000 ____D C:\Users\Saye\Downloads\FRST-OlderVersion 2019-05-03 13:50 - 2019-05-03 13:50 - 000000000 ____D C:\Users\Saye\AppData\Local\TeamViewer 2019-05-03 13:44 - 2019-05-03 13:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-05-03 13:44 - 2019-05-03 13:44 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk 2019-05-03 13:44 - 2019-05-03 13:44 - 000001053 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2019-05-03 13:44 - 2019-05-03 13:44 - 000000000 ____D C:\Users\Saye\AppData\Roaming\TeamViewer 2019-05-03 13:41 - 2019-05-03 13:41 - 022796808 _____ (TeamViewer GmbH) C:\Users\Saye\Downloads\TeamViewer_Setup.exe 2019-05-03 12:56 - 2019-05-03 12:56 - 000000000 ___RD C:\Users\Saye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2019-04-30 21:08 - 2019-04-30 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2019-04-30 08:42 - 2019-04-30 08:42 - 000000000 _____ C:\Windows\invcol.tmp 2019-04-29 13:01 - 2019-04-29 13:02 - 044443168 _____ (Microsoft Corporation) C:\Users\Saye\Downloads\Windows-KB890830-x64-V5.71 (1).exe 2019-04-29 12:52 - 2019-04-29 12:52 - 000002259 _____ C:\Windows\epplauncher.mif 2019-04-29 11:36 - 2019-04-29 11:37 - 015065792 _____ (Microsoft Corporation) C:\Users\Saye\Downloads\MSEInstall.exe 2019-04-29 11:10 - 2019-04-29 11:11 - 044443168 _____ (Microsoft Corporation) C:\Users\Saye\Downloads\Windows-KB890830-x64-V5.71.exe 2019-04-26 22:07 - 2019-04-26 22:07 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-04-26 22:07 - 2019-04-26 22:07 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-04-26 22:07 - 2019-04-26 22:07 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-04-26 22:07 - 2019-04-26 22:07 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-04-24 13:04 - 2019-04-24 13:04 - 000002147 _____ C:\Users\Public\Desktop\SupportAssist.lnk 2019-04-22 16:42 - 2019-04-22 16:42 - 000127022 _____ C:\Users\Saye\Downloads\Statement Dated 03_29_2019 2019-04-22 16:41 - 2019-04-22 16:42 - 000127009 _____ C:\Users\Saye\Downloads\Statement Dated 02_28_2019 2019-04-17 20:01 - 2019-04-17 20:01 - 031062947 _____ C:\Users\Saye\Downloads\Gut-Recovery-Recipes-1.pdf 2019-04-17 11:11 - 2019-04-17 11:10 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2019-04-14 19:12 - 2019-04-14 19:12 - 000002156 _____ C:\Users\Public\Desktop\Carbonite.lnk 2019-04-14 19:12 - 2019-04-14 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite 2019-04-11 13:11 - 2019-04-11 13:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-04-10 16:17 - 2019-04-12 07:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-04-10 05:09 - 2019-03-29 13:07 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-04-10 05:09 - 2019-03-29 13:07 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-04-09 18:27 - 2019-05-03 08:30 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-04-09 18:26 - 2019-04-09 18:26 - 021254208 _____ (Piriform Software Ltd) C:\Users\Saye\Downloads\ccsetup556.exe 2019-04-09 11:32 - 2019-03-25 23:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-04-09 11:32 - 2019-03-25 22:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-04-09 11:32 - 2019-03-25 22:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-04-09 11:32 - 2019-02-09 11:55 - 022373096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2019-04-09 11:32 - 2019-02-09 11:23 - 019790664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2019-04-09 11:31 - 2019-04-01 18:16 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-04-09 11:31 - 2019-03-30 13:57 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-04-09 11:31 - 2019-03-26 09:11 - 007079936 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2019-04-09 11:31 - 2019-03-26 08:57 - 005276160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2019-04-09 11:31 - 2019-03-26 08:40 - 007798272 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2019-04-09 11:31 - 2019-03-26 08:35 - 005270528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2019-04-09 11:31 - 2019-03-26 01:16 - 001311976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-04-09 11:31 - 2019-03-25 23:00 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll 2019-04-09 11:31 - 2019-03-25 22:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-04-09 11:31 - 2019-03-25 22:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-04-09 11:31 - 2019-03-25 22:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-04-09 11:31 - 2019-03-25 22:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-04-09 11:31 - 2019-03-25 22:09 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-04-09 11:31 - 2019-03-25 22:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-04-09 11:31 - 2019-03-25 22:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-04-09 11:31 - 2019-03-25 22:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-04-09 11:31 - 2019-03-25 21:56 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-04-09 11:31 - 2019-03-25 21:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-04-09 11:31 - 2019-03-25 21:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-04-09 11:31 - 2019-03-25 21:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-04-09 11:31 - 2019-03-25 21:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-04-09 11:31 - 2019-03-25 21:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-04-09 11:31 - 2019-03-25 21:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-04-09 11:31 - 2019-03-25 21:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-04-09 11:31 - 2019-03-25 21:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-04-09 11:31 - 2019-03-25 21:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-04-09 11:31 - 2019-03-25 21:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-04-09 11:31 - 2019-03-20 18:29 - 002452432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-04-09 11:31 - 2019-03-15 21:03 - 002535664 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-04-09 11:31 - 2019-03-15 20:46 - 000805176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-04-09 11:31 - 2019-03-15 20:36 - 001902752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-04-09 11:31 - 2019-03-15 20:29 - 000611656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-04-09 11:31 - 2019-03-15 19:51 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-04-09 11:31 - 2019-03-15 19:49 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2019-04-09 11:31 - 2019-03-15 19:48 - 003324416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-04-09 11:31 - 2019-03-15 19:47 - 003617280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-04-09 11:31 - 2019-03-15 19:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-04-09 11:31 - 2019-03-15 19:39 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-04-09 11:31 - 2019-03-13 22:57 - 007368952 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-04-09 11:31 - 2019-03-13 22:56 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-04-09 11:31 - 2019-03-13 22:56 - 001537560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-04-09 11:31 - 2019-03-13 12:13 - 001369096 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-04-09 11:31 - 2019-03-09 10:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2019-04-09 11:31 - 2019-03-09 09:51 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-04-09 11:31 - 2019-03-09 09:47 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll 2019-04-09 11:31 - 2019-03-09 09:43 - 003822080 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-04-09 11:31 - 2019-03-09 09:35 - 001085952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2019-04-09 11:31 - 2019-03-09 09:31 - 003274752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2019-04-09 11:31 - 2019-03-09 09:28 - 002348544 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-04-09 11:31 - 2019-03-09 09:19 - 001550848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-04-09 11:31 - 2019-03-09 09:01 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-04-09 11:31 - 2019-03-09 07:20 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-04-09 11:31 - 2019-03-09 07:20 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-04-09 11:31 - 2019-03-09 07:20 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2019-04-09 11:31 - 2019-03-09 07:20 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-04-09 11:31 - 2019-03-09 07:20 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2019-04-09 11:31 - 2019-02-24 07:43 - 001308456 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-04-09 11:31 - 2019-02-21 10:34 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-04-09 11:31 - 2019-02-11 20:48 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2019-04-09 11:30 - 2019-03-25 22:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-04-09 11:30 - 2019-03-25 22:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-04-09 11:30 - 2019-03-25 22:15 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-04-09 11:30 - 2019-03-25 21:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-04-09 11:30 - 2019-03-25 21:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-04-09 11:30 - 2019-03-25 21:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-04-09 11:30 - 2019-03-25 21:26 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-04-09 11:30 - 2019-03-25 21:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-04-09 11:30 - 2019-02-21 10:36 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-04-09 11:30 - 2019-02-21 10:35 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-04-09 11:30 - 2019-02-21 10:34 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-04-09 11:30 - 2019-02-21 09:31 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-04-09 11:13 - 2019-04-09 11:13 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-03 22:19 - 2017-12-13 12:26 - 000036999 _____ C:\Users\Saye\Downloads\FRST.txt 2019-05-03 22:18 - 2017-12-13 12:25 - 000000000 ____D C:\FRST 2019-05-03 21:40 - 2014-09-03 13:22 - 000003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0DE80B7F-EE8A-4248-9D44-F989C0CBA75B} 2019-05-03 18:58 - 2014-09-03 13:25 - 000000000 ____D C:\Users\Saye\AppData\Roaming\ClassicShell 2019-05-03 17:49 - 2016-11-20 17:05 - 000000000 ____D C:\Users\Saye\AppData\LocalLow\Mozilla 2019-05-03 15:03 - 2017-11-13 15:03 - 000000532 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0fd79c9c-29c6-4652-8553-9ce7bb369c73.job 2019-05-03 12:55 - 2018-01-13 21:05 - 000000000 __SHD C:\Users\Saye\IntelGraphicsProfiles 2019-05-03 10:00 - 2017-11-13 15:03 - 000000532 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a0bc6b90-785b-45f6-b233-6715d315d11e.job 2019-05-01 22:32 - 2016-03-23 12:44 - 000000000 ____D C:\ProgramData\CanonIJPLM 2019-04-30 21:16 - 2014-09-03 13:23 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4029162235-4123474821-1798796012-1001 2019-04-30 21:07 - 2014-06-03 20:48 - 000000000 ____D C:\ProgramData\Package Cache 2019-04-29 13:03 - 2014-09-03 14:21 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-04-29 11:38 - 2015-04-30 21:47 - 000300032 ___SH C:\Users\Saye\Downloads\Thumbs.db 2019-04-27 14:36 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\AppReadiness 2019-04-26 22:09 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\registration 2019-04-26 22:06 - 2013-08-22 07:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-04-26 21:58 - 2013-08-22 08:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-04-26 21:57 - 2014-09-09 10:58 - 000000000 ____D C:\Program Files\Microsoft Office 15 2019-04-26 19:33 - 2013-08-22 06:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-04-26 19:04 - 2018-08-07 09:59 - 000391560 _____ C:\Windows\system32\FNTCACHE.DAT 2019-04-25 13:17 - 2014-06-03 21:04 - 000000000 ____D C:\ProgramData\PCDr 2019-04-24 13:04 - 2014-06-03 21:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2019-04-24 13:04 - 2013-08-22 06:36 - 000000000 ____D C:\Windows\Inf 2019-04-24 12:59 - 2017-06-26 11:05 - 000000000 ____D C:\ProgramData\SupportAssist 2019-04-17 11:11 - 2014-09-03 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-04-17 11:11 - 2014-09-03 13:28 - 000000000 ____D C:\Program Files (x86)\Java 2019-04-16 07:37 - 2013-08-22 08:36 - 000000000 ___HD C:\Program Files\WindowsApps 2019-04-14 20:35 - 2014-09-03 13:16 - 000000000 ____D C:\Users\Saye 2019-04-14 19:12 - 2015-04-09 16:25 - 000008234 _____ C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} 2019-04-13 02:37 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\rescache 2019-04-12 07:13 - 2017-11-13 14:56 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2019-04-12 07:13 - 2014-09-03 13:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-04-12 07:08 - 2013-08-22 08:36 - 000000000 ___RD C:\Windows\ToastData 2019-04-10 19:57 - 2014-09-03 13:41 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-04-10 18:07 - 2018-11-16 11:40 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-04-10 18:07 - 2018-11-16 11:40 - 000002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-04-10 05:16 - 2013-08-22 08:20 - 000000000 ____D C:\Windows\CbsTemp 2019-04-10 05:09 - 2014-09-03 14:22 - 000000000 ____D C:\Windows\system32\MRT 2019-04-09 18:27 - 2018-01-16 18:45 - 000000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-04-09 02:07 - 2018-03-13 09:31 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-04-09 02:07 - 2014-09-03 15:49 - 000004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-04-09 02:07 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-04-09 02:07 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\system32\Macromed 2019-04-03 12:07 - 2014-09-09 12:39 - 000000000 ____D C:\Users\Saye\Documents\TurboTax ==================== Files in the root of some directories ======= 2014-09-09 11:44 - 2014-09-09 11:44 - 000024013 _____ () C:\Users\Saye\AppData\Roaming\Comma Separated Values.ADR 2017-01-07 13:40 - 2017-01-07 14:01 - 000005632 _____ () C:\Users\Saye\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-09 16:31 - 2015-01-29 08:13 - 000009216 _____ () C:\Users\Saye\AppData\Local\Z@!-873faad9-44e0-4583-bc28-3c1a70da2243.tmp 2015-04-09 16:31 - 2015-01-29 08:13 - 000009216 _____ () C:\Users\Saye\AppData\Local\Z@!-97b4748c-1cd5-4c1b-8e70-db6bf0cb9526.tmp 2015-04-09 16:31 - 2015-01-29 08:13 - 000010240 _____ () C:\Users\Saye\AppData\Local\Z@S!-0a7c7c05-2100-409a-af70-8f87ecc5988f.tmp 2017-08-24 10:39 - 2017-08-24 10:39 - 000000000 _____ () C:\Users\Saye\AppData\Local\{517D1DED-B9BA-4D12-BB02-1D309510F866} 2017-02-03 14:14 - 2017-02-03 14:14 - 000000000 _____ () C:\Users\Saye\AppData\Local\{78AD3714-C198-4AC0-A4A4-96636991DF81} ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-04-28 04:04 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05.2019 Ran by Saye (03-05-2019 22:20:05) Running from C:\Users\Saye\Downloads Windows 8.1 (Update) (X64) (2014-09-03 20:16:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4029162235-4123474821-1798796012-500 - Administrator - Disabled) Guest (S-1-5-21-4029162235-4123474821-1798796012-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4029162235-4123474821-1798796012-1003 - Limited - Enabled) Saye (S-1-5-21-4029162235-4123474821-1798796012-1001 - Administrator - Enabled) => C:\Users\Saye ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 123 Free Solitaire v10.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe) Avira (HKLM-x32\...\{2504137A-5E42-4340-8F34-2086B49FBD1A}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{33789076-9ec9-4866-b174-19596d6375c1}) (Version: 1.2.131.15242 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{b3f1f775-e558-4660-a503-9129ae9d7310}) (Version: 1.2.133.21088 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{c5838bf4-7a0d-488e-b1b8-a233ec3e436b}) (Version: 1.2.128.15911 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{fd422d82-916c-4aca-bc42-67b7eb9925c4}) (Version: 1.2.129.13789 - Avira Operations GmbH & Co. KG) Camera Support Core Library (HKLM-x32\...\{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon) Hidden Camera Window DS (HKLM-x32\...\{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}) (Version: 5.2 - Canon) Hidden Camera Window DVC (HKLM-x32\...\{001AB29C-5468-4972-8D24-2EBDB2B12133}) (Version: 5.4 - Canon) Hidden Camera Window MC (HKLM-x32\...\{89EB3ED7-225A-412E-B048-623D502C000F}) (Version: 5.4 - Canon) Hidden Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon) Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{001AB29C-5468-4972-8D24-2EBDB2B12133}) (Version: 5.4 - Canon) Canon Camera Window DS for ZoomBrowser EX (HKLM-x32\...\InstallShield_{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}) (Version: 5.2 - Canon) Canon Camera Window MC 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{89EB3ED7-225A-412E-B048-623D502C000F}) (Version: 5.4 - Canon) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - ) Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon PhotoRecord (HKLM-x32\...\{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}) (Version: 02.02.02000 - Cisra) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{001EB665-D9EC-415E-9E13-AD2125B2B992}) (Version: 2.1 - Canon) Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - ) Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}) (Version: 3.1.14 - Canon) Canon ZoomBrowser EX (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.02.0100 - Canon) Carbonite (HKLM-x32\...\{129A37E4-7280-429B-B2C6-FF2EA057F239}) (Version: 6.3.4 build 7957 (Feb-08-2019) - Carbonite) CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.) Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) DELLOSD (HKLM-x32\...\{AC950530-9F3B-4D94-8BEF-C84A77869AF4}) (Version: 1.0.0.0 - DELL) Free Spider Solitaire v5.0 (HKLM-x32\...\Free Spider_is1) (Version: - TreeCardGames) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden Hoyle Slots & Video Poker (HKLM-x32\...\{03BB469D-4533-49D9-9D87-C69EC1BE380C}) (Version: 1.0.0.2 - Encore, Inc.) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{E968D0B8-D9BC-4916-AC40-D667BDD5A1D1}) (Version: 4.2.41.2459 - Intel Corporation) Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.5127.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MovieEdit Task (HKLM-x32\...\{68D27126-BF6A-457D-8DD0-5F35E8D41310}) (Version: 1.3.1.21 - Canon) Hidden Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 - O2Micro International LTD.) Hidden O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 - O2Micro International LTD.) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden OLYMPUS CAMEDIA Master 4.0 (HKLM-x32\...\{30BB4D60-81DB-11D5-BB77-00400536ABAC}) (Version: - ) PHOTOfunSTUDIO 9.3 PE (HKLM-x32\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation) PhotoStitch (HKLM-x32\...\{218BBBE3-FE63-4BB2-81A8-7435575A84FA}) (Version: 3.1.14 - Canon) Hidden PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology) Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications) QuickTime (HKLM-x32\...\QuickTime) (Version: - ) RAW Image Task 2.1 (HKLM-x32\...\{001EB665-D9EC-415E-9E13-AD2125B2B992}) (Version: 2.1 - Canon) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc) TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc) TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc) TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> No File ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> No File ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-01-13 20:53 - 2014-02-26 23:39 - 000440320 _____ (Atheros) [File not signed] C:\Windows\system32\athihvs.dll 2016-03-23 12:24 - 2010-09-08 09:27 - 000328192 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL 2014-04-29 03:31 - 2014-04-29 03:31 - 000319104 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe 2014-06-03 20:57 - 2013-12-27 14:12 - 000147456 _____ () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe 2018-10-04 21:04 - 2012-03-09 09:27 - 000008192 _____ () [File not signed] C:\Windows\SysWOW64\srvany.exe 2018-10-04 21:04 - 2014-05-20 12:53 - 002701824 _____ (TODO: <公司名>) [File not signed] C:\Windows\sysWOW64\SDIOAssist.exe 2013-08-19 04:29 - 2013-08-19 04:29 - 001785344 _____ (DELL Inc.) [File not signed] C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe 2014-06-03 20:57 - 2013-12-27 14:00 - 000540672 _____ () [File not signed] C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe 2014-04-29 03:32 - 2014-04-29 03:32 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll 2014-04-29 03:33 - 2014-04-29 03:33 - 000116352 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll 2014-04-29 03:32 - 2014-04-29 03:32 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll 2014-04-29 03:32 - 2014-04-29 03:32 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll 2014-04-29 03:33 - 2014-04-29 03:33 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 003374272 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2014-04-29 03:33 - 2014-04-29 03:33 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll 2014-04-29 03:32 - 2014-04-29 03:32 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll 2014-04-29 03:33 - 2014-04-29 03:33 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 000284864 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 000161984 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe 2014-04-29 03:32 - 2014-04-29 03:32 - 000134784 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe 2014-04-29 03:33 - 2014-04-29 03:33 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ModuleManager.dll 2014-04-29 03:28 - 2014-04-29 03:28 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 03:28 - 2014-04-29 03:28 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll 2014-04-29 03:25 - 2014-04-29 03:25 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Audio\audio.dll 2014-04-29 03:32 - 2014-04-29 03:32 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll 2014-04-29 03:28 - 2014-04-29 03:28 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\L2capLib\l2caplib.dll 2014-04-29 03:27 - 2014-04-29 03:27 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\SesMgr\sesmgr.dll 2014-04-29 03:20 - 2014-04-29 03:20 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\goep\goep.dll 2014-04-29 03:27 - 2014-04-29 03:27 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BIP\BIP.dll 2014-04-29 03:23 - 2014-04-29 03:23 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FAX\Fax.dll 2014-04-29 03:24 - 2014-04-29 03:24 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\DID\DId.dll 2014-04-29 03:27 - 2014-04-29 03:27 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll 2014-04-29 03:24 - 2014-04-29 03:24 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\LE\LE.dll 2014-04-29 03:32 - 2014-04-29 03:32 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL 2014-04-29 03:32 - 2014-04-29 03:32 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll 2014-04-29 03:26 - 2014-04-29 03:26 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll 2014-04-29 03:23 - 2014-04-29 03:23 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 03:27 - 2014-04-29 03:27 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\OppOperation.dll 2014-04-29 03:26 - 2014-04-29 03:26 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\pbap\pbap.dll 2014-04-29 03:26 - 2014-04-29 03:26 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\sap\sap.dll 2014-04-29 03:26 - 2014-04-29 03:26 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\spp\spp.dll 2014-04-29 03:27 - 2014-04-29 03:27 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\GapSdp\GapSdp.dll 2014-04-29 03:23 - 2014-04-29 03:23 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\HCRP\Hcrp.dll 2014-04-29 03:25 - 2014-04-29 03:25 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Sync\Sync.dll 2014-04-29 03:20 - 2014-04-29 03:20 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\ObjPush.dll 2014-04-29 03:33 - 2014-04-29 03:33 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\skypeagent.dll 2014-04-29 03:31 - 2014-04-29 03:31 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2016-03-23 12:26 - 2010-07-25 19:08 - 000136704 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\cnmpu.dll 2016-03-23 12:26 - 2010-07-25 19:08 - 000067584 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\BJMyRes.dll 2013-09-24 09:25 - 2013-09-24 09:25 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2013-09-24 09:25 - 2013-09-24 09:25 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2019-03-09 02:51 - 2019-03-09 02:51 - 001078784 _____ (Intuit) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.fecc593b#\9abc7fc57289c68fa3bf32e7dd6e5f47\Intuit.Spc.Map.WindowsFirewallUtilities.ni.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-03-26 23:58 - 2019-03-26 23:58 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2019-02-11 12:58 - 2019-03-26 23:58 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT HKU\S-1-5-21-4029162235-4123474821-1798796012-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-4029162235-4123474821-1798796012-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282019090002682\Control Panel\Desktop\\Wallpaper -> C:\Users\Saye\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{03AAF855-D6D4-4691-BAC6-227DB706C5A5}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe (Wyse Technology Inc -> ) FirewallRules: [{8E350BE6-A1DC-4B90-AFBF-98232B820B0C}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe (DELL Inc.) [File not signed] FirewallRules: [{18052168-857B-49CA-9F7A-643251AD4F34}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{D0E9B7D6-A366-4E10-9E60-926FE41385DA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{AEB7334F-3F31-4362-ADFA-A8FCD4CAB19A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{19F5D832-3829-4EA8-BC51-B81602E679FD}] => (Allow) LPort=2869 FirewallRules: [{FC535E9A-F6F8-4BCA-9EB8-9AC3038ECC18}] => (Allow) LPort=1900 FirewallRules: [{9ED5A40D-D91E-42F7-9904-AFAFC42569FA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5FE6390E-FBC1-47A1-92FF-42D4A0194B88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2646E604-5C4E-4E88-B54F-2717778A1F5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{ADEF3F48-49BF-4819-BE62-2A9D1B0C9324}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{61618048-CC4B-48D9-B9F9-26BF46BA04ED}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{BFCBEC2E-22FF-4AFF-91F1-FEC7DFA8F6EC}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{767D0C9D-1AB3-4CD7-8995-22AF4BF91BCA}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{94617445-1942-477C-B848-3052A2526F58}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{1409B95A-D584-4006-BB7D-8BF62E52B2D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{2789C986-0918-4440-87EE-A615EEBBF71E}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{A5E32FD5-904A-47BB-B54A-53887F375ADE}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{1573201E-FE63-40B8-957B-2B5A23B0F6D5}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{0F9D130D-6B7A-4BFB-AB30-A859A8C79DB3}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{B85D2D20-E58E-4778-952D-4D9AE5A8BF14}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{5AEA6C35-14CF-4643-B6F4-FE6E487F1793}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite -> Carbonite, Inc.) FirewallRules: [{18D5D07B-229B-4D5B-A9C0-63A9FD72D1C3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{461DDFF8-9822-4495-A21C-47496B89C1F9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{5A2B86C7-7BBB-49A8-B72E-FD3FA3D34CF9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{B9D7C80B-0158-404A-82DA-A64E1F5618C3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{9B6394AE-4D8C-456B-BB76-75536D52B84E}] => (Allow) LPort=5357 FirewallRules: [{AD5F599F-97FB-46D4-83ED-7A71210A470D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{3A405F12-6DE3-4EA6-B1CC-4764AA485415}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{43768EA6-0064-45B7-9359-137975F8B3D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F49DC1A5-9FD9-4BC1-B877-199CCD16BBF4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{253AC614-5E3C-45C4-BA69-A1E651E9E2FC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{4F1EC1A3-27A8-49A5-9B30-D8AE286E4756}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{3EBAB283-4C66-434F-A8FA-C86163AAB766}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{C8264E9E-BA2F-4FFF-8825-931427614BC4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{1E8B2E97-FBFB-4B78-9984-67F36EAEF448}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{899C049C-2DEC-4035-8378-76BA8138CDB2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{5719A264-6BA0-41C6-A3EE-4C0D27453CFC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{A59F148B-B4D8-4EBB-94E3-5D53F175275B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{C5746BA6-DC63-498F-8489-BF155053E639}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{D329AE21-F8CD-4B26-B1BA-F62AF4D616C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{B411D5D0-DBA5-4BE0-933C-11EFCB8F3A1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C886E30E-7502-4CE1-B3B9-784ECF577D23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) ==================== Restore Points ========================= 29-04-2019 08:58:28 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/03/2019 11:22:00 AM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (05/03/2019 01:22:03 AM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (05/01/2019 10:32:51 PM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (04/30/2019 11:22:12 PM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (04/30/2019 05:39:14 PM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (04/30/2019 01:01:32 AM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (04/29/2019 06:16:35 PM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) Error: (04/29/2019 03:42:21 PM) (Source: SupportAssistAgent) (EventID: 0) (User: ) Description: An exception occurred in session change of service start: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'Windows.UI.Notifications.ToastNotificationHistory Windows.UI.Notifications.ToastNotificationManager.get_History()'. at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.<DeleteNotificationWhileUninstall>d__23.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine) at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.DeleteNotificationWhileUninstall() at Dell.Services.SupportAssist.Notification.Command.NotificationCommand.ShowNotificationsOnSessionUnlock(SessionChangeDescription changeDescription) --- End of inner exception stack trace --- at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at Dell.Services.SupportAssist.SupportAssistAgent.BootStrapperMinimized.SessionChangeAction(SessionChangeDescription changeDescription) at Dell.Services.SupportAssist.SupportAssistAgent.SupportAssistAgent.OnSessionChange(SessionChangeDescription changeDescription) System errors: ============= Error: (05/03/2019 10:16:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019221622384-ntuser.dat Error: (05/03/2019 10:13:26 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019221326068-ntuser.dat Error: (05/03/2019 10:01:06 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019220105586-ntuser.dat Error: (05/03/2019 08:01:05 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019200104942-ntuser.dat Error: (05/03/2019 06:01:07 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019180106446-ntuser.dat Error: (05/03/2019 03:01:06 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019150105826-ntuser.dat Error: (05/03/2019 01:01:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019130107457-ntuser.dat Error: (05/03/2019 10:53:59 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4029162235-4123474821-1798796012-1001-05032019105358804-ntuser.dat Windows Defender: =================================== Date: 2019-02-11 12:55:55.152 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.281.118.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15400.5 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-02-11 12:55:55.027 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.281.118.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15400.5 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-11-14 19:44:17.719 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.267.423.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14800.3 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-11-14 19:44:17.719 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.267.423.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14800.3 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-10-05 23:22:38.867 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.267.423.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14800.3 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =================================== Date: 2019-03-02 20:25:44.841 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-02 20:25:44.552 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2019-02-12 20:58:12.032 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2019-02-12 20:58:11.602 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: Dell Inc. A10 01/31/2018 Motherboard: Dell Inc. 0XHYJF Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Percentage of memory in use: 51% Total physical RAM: 8092.45 MB Available physical RAM: 3930.43 MB Total Virtual: 16284.64 MB Available Virtual: 11482.54 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.73 GB) (Free:823.56 GB) NTFS \\?\Volume{bf46ccd3-8699-4344-adaf-a98d5ef1c047}\ (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.44 GB) NTFS \\?\Volume{17427eab-ad4a-4c51-a0ed-9360dedc8e62}\ (PBR Image) (Fixed) (Total:8.4 GB) (Free:0.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B14CF434) Partition: GPT. ==================== End of Addition.txt ============================
  15. Thanks for the update Buffalo4. I got a note from the operations guys just a bit ago and they said they were done with the database maintenance and that everything was working normally. So I think we can hopefully call this event closed.
  16. Thanks for that info. It came back on for me yesterday (Friday) and it is now working just fine. While waiting, I did the total uninstall of SAS and installed it again, but my license wasn't recognized, most likely due to the datacenter problem. Later in the day everything was back up to snuff, including my license and latest definitions. All is well. Buffalo4
  17. Hi Everybody, Quick update -- we had a major failure at the datacenter that houses our databases. We've been working continuously to get it back up and running and I think we're getting close but as you've seen, there are still periods of downtime. We're trying to get it all resolved this evening (Friday 5/3 PDT). Thanks again for your patience! Geoff
  18. Same here with my Lifetime License. Started yesterday. Thanks, I haven't tried manual updating off the SAS site itself. Ver: 8.0.1038 Database Ver 15487 ( 05/02/2019) Curious? Where do you find the 'trace' number installed? Thanks, Buffalo4 PS: Running Win 10 Home 64 bit on a Desktop and Avast Free Edition and Windows Firewall PPS: Also allowed through Windows Firewall--only firewall I use
  19. Same problem here....can't connect to server
  20. I'm able to reach the site and manually download and install the definitions file (https://www.superantispyware.com/definitions.html), but the program has suddenly decided that it cannot connect to the update server. This happens every now and then, but it's usually a short-lived problem. I have exclusions in Malwarebytes and in Norton to exclude SAS, but neither of those programs have caused problems in a long time. I ran netsh winsock reset and a couple of other commands, then rebooted, but the error is still occurring. I haven't uninstalled and reinstalled SAS, although, if this keeps up, I might. What is the IP of the update servers so I can see if I can ping them?
  21. please disregard...it just now is picking up some tracking cookies ! Would like to remove the screen print image I posted above if possible but can't seem to do it.
  22. I ran a scan yesterday, finally stopped it at about 6 hours...it was finding nothing which one site in particular I usually go to, it picks up tracking cookies from there at least. I unistalled SAS and reinstalled to see if that would fix the problem, doesn't seem to have worked for am running a scan now, going on a little over an hour , and it still has not found anything. Normally it stops at about 1-1.5 hours or so. Memory scan complete, registry scan complete but it seems to just keep running under " total items scanned" screen shot below ( am blocking out my computer name ) any help greatly appreciated for a fix , am stopping the scan now so I may not have a log to post here if needed.
  23. MagicalHitican

    False Amazon emails

    A week ago I've received an email from Amazon telling me about some discounts available if I give some details of my payment card. I've nearly done so but I noticed that email address was not @amazon.com, but @amazon.gmail.com. So I started surfing and found wonderful article https://www.safetydetective.com/blog/what-is-phishing-and-how-to-protect-against-it/ telling me it was a kind of hacker attack. I'm really curious if SAS could protect me from all this ****.
  24. jadinolf

    Hello!

    You did good. Congrats.
  25. kbradio

    Scan is stopping

    Here is where the program is stopping when error occurred.
  26. kbradio

    Scan is stopping

    The software updates fine, but after 2 minutes in the scan I get the error popup to report it to Superantispyware and I've been doing this for over 2 months and still getting an error. I'm a Pro user. Please advise.
  27. Hoping for any direction. Tried updating today (15457) within program and via forced update (exe) download. Failed on both - tried several times - rebooted - still same. On the forced definition update it says Download def data > Complete - then Download unexpectedly large > Failure On regular updates > download incomplete Thanks for any help. (Windows 7 x64) - Using Avast AV (I did exclude sas and sas update exe files in Avast - no change)
  28. Hello. In my old updated 64-bit W7 HPE SP1 PC, SUPERAntiSpyware v8.0.1838 (free) says these downloaded files are infected with Trojan.Agent/Gen-Dropper: https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/w64/putty.exe https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/w32/putty.exe They were from https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html web page to download. Are these false positives? I hope so! Thank you for reading and hopefully answering soon.
  1. Load more activity
×