#5
August 11th, 2021, 10:15 PM
EDO
Senior Member
Join Date: May 2004
Posts: 464
Frst #2

System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D94727F-5E8E-4696-80AD-4B68BD8A8F29} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [17200 2013-08-22] (Wyse Technology Inc -> )
Task: {8E40AD82-12A0-4523-8176-1B8813CB15A2} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {9457B8C0-784A-4C3E-88F0-602408251BF1} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {9682121B-D9B8-4A9D-BE6D-D1B942EA39F6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-07-17] (Dell Inc -> Dell Inc.)
Task: {B25F03A6-2C87-441A-B143-9059BAF1810F} - System32\Tasks\PocketCloudUpdater => C:\Program [Argument = Files (x86)\Wyse\PocketCloud\Updater.exe]
Task: {BDFDD787-F2C3-4AE7-ABFB-5C92BC1FBE0F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D52DAD61-A9E8-4ECF-9D60-853313B44058} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [713008 2013-08-22] (Wyse Technology Inc -> )
Task: {DF8AB0AC-9A2F-4B70-88C0-51FB02590D54} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {E605B462-C23B-4183-8A63-37305F10A57A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FDE5167A-2CCF-4B65-B96B-E79860721AC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{459d13af-9b75-4a43-b05f-855e141de95f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48adc69b-9fb3-4197-9efc-8e100029ad8d}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Ed\Downloads
Edge Notifications: HKU\S-1-5-21-218343863-661377091-144714471-1001 -> hxxps://www.aol.com; hxxps://www.facebook.com; hxxps://sugarfreelondoner.com; hxxps://www.instagram.com; hxxps://filmora.wondershare.net; hxxps://mail.google.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (Web Threat Shield) -> EdgeExtension_68D6D712WebrootWebThreatShieldUWPEdge_3n9w82bea0x6e => C:\Program Files\WindowsApps\68D6D712.Webroot.WebThreatShield.UWP.Edge_1.10.20077.0_x64__3n9w82bea0x6e [2020-03-26]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ed\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-11]
Edge DownloadDir: Default -> C:\Users\Ed\Downloads
Edge Notifications: Default -> hxxps://filmora.wondershare.net; hxxps://mail.google.com; hxxps://sugarfreelondoner.com; hxxps://www.aol.com; hxxps://www.calafiaairlines.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.shopcrush.com; hxxps://www.volaris.com
Edge Extension: (Web Threat Shield) - C:\Users\Ed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkaflbamgddpjacdmjlkhbnpnlemaea [2021-03-05]
Edge Extension: (Capital One Shopping: Add to Edge for free) - C:\Users\Ed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2021-08-05]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-23] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default [2021-08-10]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://www.facebook.com; hxxps://www.instagram.com
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR Extension: (Slides) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-30]
CHR Extension: (YouTube) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (*******) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-12-08]
CHR Extension: (Sheets) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Full Screen Weather) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-01]
CHR Extension: (Google Play Music) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
CHR Extension: (Surfer Girl) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhajakjmgifbldiijjjldlebmjljoib [2019-05-16]
CHR Extension: (Google Maps) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-20]
CHR Extension: (AVG Secure Search) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2020-01-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-24]
CHR Profile: C:\Users\Ed\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-10]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [625976 2021-06-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [374072 2021-06-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8297584 2021-06-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3834400 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell WMI Service; C:\Program Files (x86)\Dell\DELLOSD\DellOSDService.exe [73728 2013-11-19] () [File not signed]
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-27] (Dell Inc -> )
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Techporch Incorporated -> Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-24] (HP Inc. -> HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 iumsvc; c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-29] (Malwarebytes Inc -> Malwarebytes)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (Rivet Networks LLC -> CloudBees, Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (Dell Inc. -> SoftThinks SAS)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks LLC -> Rivet Networks)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-17] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [1776776 2021-05-14] (Webroot -> Webroot, Inc.)
R2 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3115544 2021-05-14] (Webroot -> Webroot, Inc.)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [5555632 2021-06-29] (Webroot Inc. -> Webroot)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] (Wyse Technology Inc -> )
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2017-06-20] (Anvsoft Inc. -> AnvSoft Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35848 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [219104 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [367696 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250448 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99440 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17336 2021-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R3 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41504 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [184768 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [559960 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [108552 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83064 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851864 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [472072 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215536 2021-06-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [328720 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-29] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-01] (Malwarebytes Inc -> Malwarebytes)
R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 wanatw; C:\WINDOWS\System32\drivers\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WRBoot; C:\WINDOWS\System32\drivers\WRBoot.sys [15800 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> )
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [331200 2021-04-21] (Webroot, Inc -> Webroot, Inc.)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [149224 2020-01-22] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [58304 2020-05-27] (Webroot, Inc -> Webroot)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-11 13:56 - 2021-08-11 14:00 - 000049110 _____ C:\Users\Ed\Downloads\FRST.txt
2021-08-11 13:52 - 2021-08-11 13:58 - 000000000 ____D C:\FRST
2021-08-11 13:50 - 2021-08-11 13:51 - 002300416 _____ (Farbar) C:\Users\Ed\Downloads\FRST64.exe
2021-08-11 13:49 - 2021-08-11 13:48 - 000184357 _____ C:\Users\Ed\Desktop\Pension Period.jpeg
2021-08-11 13:43 - 2021-08-11 13:43 - 000188818 _____ C:\Users\Ed\Desktop\Bank Statement.jpeg
2021-08-11 13:19 - 2021-08-11 13:17 - 000340280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-08-11 13:18 - 2021-08-11 13:17 - 000215544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswaba076af73e4403c.tmp
2021-08-11 12:48 - 2021-08-11 12:47 - 000652807 _____ C:\Users\Ed\Desktop\Insurance Declaration page.jpeg
2021-08-11 12:46 - 2021-08-11 13:48 - 000000000 ___RD C:\Users\Ed\Documents\Scanned Documents
2021-08-11 12:46 - 2021-08-11 12:46 - 000000000 ____D C:\Users\Ed\Documents\Fax
2021-08-11 12:01 - 2021-08-11 12:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 11:59 - 2021-08-11 11:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 11:59 - 2021-08-11 11:59 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 11:59 - 2021-08-11 11:59 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 11:58 - 2021-08-11 11:58 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 11:58 - 2021-08-11 11:58 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 11:57 - 2021-08-11 11:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 11:01 - 2021-08-11 11:01 - 000000000 ___HD C:\$WinREAgent
2021-08-07 10:57 - 2021-08-07 10:57 - 000013447 _____ C:\Users\Ed\Downloads\ed_osuna_transactions_7.9.xlsx
2021-08-06 09:20 - 2021-03-15 17:12 - 000832635 _____ C:\Users\Ed\Desktop\Eds 2019 Tax Return.pdf
2021-08-05 13:12 - 2021-08-05 13:12 - 000211220 _____ C:\Users\Ed\Downloads\davis brookline UO Review.pdf
2021-08-05 13:09 - 2021-08-05 13:09 - 000227877 _____ C:\Users\Ed\Downloads\davis brookline Buyer addendum Review.pdf
2021-08-05 13:08 - 2021-08-05 13:08 - 000243004 _____ C:\Users\Ed\Downloads\Davis P S Draft 3 Review.pdf
2021-08-03 12:20 - 2021-08-03 12:20 - 000237897 _____ C:\Users\Ed\Downloads\Schwab June 5501-Osuna.pdf
2021-08-03 11:03 - 2021-08-03 11:03 - 000241690 _____ C:\Users\Ed\Downloads\Davis P S Draft.pdf
2021-08-03 06:50 - 2021-08-03 06:50 - 000152352 _____ C:\Users\Ed\Downloads\Pension-Ed.pdf
2021-08-03 06:44 - 2021-08-03 06:44 - 000088780 _____ C:\Users\Ed\Downloads\Chase Bank Trust-Donna.pdf
2021-08-03 06:40 - 2021-07-09 08:55 - 000052029 _____ C:\Users\Ed\Downloads\Donnas Social Security.pdf
2021-08-03 06:31 - 2021-07-04 12:59 - 000683370 _____ C:\Users\Ed\Downloads\DonnaOsuna Est IRA Mass.pdf
2021-08-03 06:24 - 2021-08-03 06:24 - 000156501 _____ C:\Users\Ed\Downloads\Schwab IRA-Donna.pdf
2021-08-03 06:23 - 2021-08-03 06:23 - 000158981 _____ C:\Users\Ed\Downloads\Schwab Inherit IRA-Donna.pdf
2021-08-03 06:22 - 2021-08-03 06:22 - 000188236 _____ C:\Users\Ed\Downloads\Schwab Invest-Osuna.pdf
2021-08-03 06:21 - 2021-08-03 06:21 - 000163327 _____ C:\Users\Ed\Downloads\Schwab IRA-Ed.pdf
2021-08-03 06:19 - 2021-08-03 06:20 - 000282094 _____ C:\Users\Ed\Downloads\Royal Alliance-Osuna.pdf
2021-08-03 06:18 - 2021-08-03 06:18 - 000147391 _____ C:\Users\Ed\Downloads\Jackson IRA-Donna.pdf
2021-08-03 06:17 - 2021-08-03 06:17 - 000153169 _____ C:\Users\Ed\Downloads\Jackson IRA-Ed.pdf
2021-08-03 06:15 - 2021-08-03 06:15 - 000013797 _____ C:\Users\Ed\Downloads\Pentagon Credit Union-Osuna.PDF
2021-08-03 06:11 - 2021-08-03 06:11 - 002381032 _____ C:\Users\Ed\Downloads\Eagle Credit Union-DonnaPDF.PDF
2021-08-03 06:10 - 2021-08-03 06:10 - 002373012 _____ C:\Users\Ed\Downloads\Eagle Credit Union-Ed.PDF
2021-08-03 06:08 - 2021-08-03 06:08 - 000023799 _____ C:\Users\Ed\Downloads\Union Bank-Osuna.pdf
2021-08-01 23:59 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-07-14 12:56 - 2021-07-14 12:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 12:56 - 2021-07-14 12:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 12:56 - 2021-07-14 12:56 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 12:56 - 2021-07-14 12:56 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-11 14:00 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-11 13:43 - 2014-12-08 14:09 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-11 13:40 - 2014-09-01 17:36 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2021-08-11 13:33 - 2014-12-08 15:07 - 000000000 ___RD C:\Users\Ed\OneDrive
2021-08-11 13:32 - 2020-12-06 17:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-11 13:32 - 2020-03-24 17:14 - 000000000 ____D C:\Users\Ed\AppData\Local\Amazon Music
2021-08-11 13:30 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-11 13:30 - 2017-09-15 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-11 13:30 - 2016-03-14 09:23 - 000000000 __SHD C:\Users\Ed\IntelGraphicsProfiles
2021-08-11 13:20 - 2020-12-06 17:48 - 000004004 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-08-11 13:19 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-11 13:17 - 2020-10-14 00:13 - 000184768 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-08-11 13:17 - 2020-06-19 17:15 - 000559960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-08-11 13:17 - 2019-01-06 09:57 - 000250448 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-08-11 13:17 - 2019-01-06 09:57 - 000099440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-08-11 13:17 - 2018-11-03 12:58 - 000041504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-08-11 13:17 - 2018-07-18 08:37 - 000017336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-08-11 13:17 - 2017-10-07 12:09 - 000472072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-08-11 13:17 - 2017-10-07 12:09 - 000328720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-08-11 13:17 - 2017-10-07 12:09 - 000108552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-08-11 13:17 - 2017-10-07 12:09 - 000083064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-08-11 13:16 - 2019-01-14 14:29 - 000367696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-08-11 13:16 - 2019-01-06 09:57 - 000035848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-08-11 13:16 - 2017-11-27 19:32 - 000219104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-08-11 13:16 - 2017-10-07 12:09 - 000851864 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-08-11 13:13 - 2020-12-06 17:25 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-11 13:13 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-11 13:09 - 2017-10-07 12:04 - 000000000 ____D C:\ProgramData\Avg
2021-08-11 13:09 - 2015-06-09 18:08 - 000000000 ____D C:\ProgramData\WRData
2021-08-11 13:08 - 2020-12-06 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-11 13:08 - 2020-12-06 16:59 - 000445656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-11 13:08 - 2017-09-15 11:10 - 000000790 _____ C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2021-08-11 13:08 - 2015-06-09 18:09 - 000277528 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2021-08-11 13:08 - 2015-06-09 18:09 - 000229008 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2021-08-11 13:07 - 2020-12-06 16:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-11 13:06 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-11 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 13:02 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 12:51 - 2014-12-30 09:17 - 000000000 ____D C:\Users\Ed\AppData\Local\CrashDumps
2021-08-11 12:13 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 10:56 - 2014-12-11 18:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 10:52 - 2014-12-11 18:23 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 08:47 - 2020-12-06 17:48 - 000004146 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{585E07E5-E9A4-4A12-ABCE-CD66CB4101FF}
2021-08-10 15:36 - 2014-12-15 19:30 - 000000000 ____D C:\Users\Ed\Documents\Donna's Documents
2021-08-09 15:51 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-09 14:46 - 2018-02-28 20:03 - 000000000 ____D C:\Users\Ed\AppData\Local\Packages
2021-08-07 10:20 - 2020-07-08 19:56 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-07 10:20 - 2020-07-08 19:56 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-05 10:55 - 2017-03-07 12:58 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 10:55 - 2014-12-08 14:10 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 10:46 - 2020-12-06 17:48 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-218343863-661377091-144714471-1001
2021-08-05 10:46 - 2020-12-05 21:56 - 000002410 _____ C:\Users\Ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 10:36 - 2020-12-06 17:48 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 10:36 - 2020-12-06 17:48 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 12:40 - 2014-09-01 17:33 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-08-03 12:35 - 2020-12-06 17:48 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-08-02 05:59 - 2020-03-24 17:15 - 000001284 _____ C:\Users\Ed\Desktop\Amazon Music.lnk
2021-07-31 20:21 - 2017-12-13 15:44 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-31 20:16 - 2021-01-11 17:30 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6cc2f5e0ef5d5
2021-07-31 20:16 - 2020-12-06 17:48 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-26 13:48 - 2021-05-13 16:32 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-07-24 11:32 - 2021-04-06 10:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-07-20 11:38 - 2018-06-21 10:05 - 000000000 ____D C:\Users\Ed\AppData\Local\PlaceholderTileLogoFolder
2021-07-15 00:21 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-15 00:21 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\System

==================== Files in the root of some directories ========

2015-01-07 18:40 - 2015-05-30 08:08 - 010395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2015-02-06 16:48 - 2015-02-06 16:48 - 000000017 _____ () C:\Users\Ed\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2016-03-20 12:46 C:\System Recovery

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================