Jump to content


Photo

Surface Pro started to slow down big time


  • Please log in to reply
3 replies to this topic

#1 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 151 posts

Posted 29 March 2021 - 09:04 AM

I've noticed in the last week, what was an extremely fast Surface Pro, is now starting to slow way down.  Outlook takes time to open, whereas before it was almost instant.  And other programs, like ACT, are sluggish...I'm posting the logs from Malwarebytes, Farbar and Security Analysis... Thank you.  

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/29/21
Scan Time: 10:16 AM
Log File: 52ca3e06-9099-11eb-920f-c8348e022bf6.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.38859
License: Premium

-System Information-
OS: Windows 10 (Build 19041.870)
CPU: x64
File System: NTFS
User: DESKTOP-RA8BHB0\cruss

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 316610
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 7 min, 52 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (29-03-2021 09:58:52)
Running from C:\Users\cruss\Downloads
Loaded Profiles: cruss
Platform: Windows 10 Pro Version 20H2 19042.870 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ActConnectLink\nssm-x64.exe
() [File not signed] C:\Program Files (x86)\ACT\Act.Web.API\bin\act.web.api.hosting.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(Cisco WebEx LLC -> Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\118.4.460\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Heimdal Security A/S -> Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe
(Heimdal Security A/S -> Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.UpdateService.exe
(Heimdal Security A/S -> Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.UptimeChecker.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEMN.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dc16e5f1dbf8051f\IntelCpHDCPSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.3.0\Pub\PubPlatform.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1692\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1692\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1692\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1692\g2ax_user_customer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.2.10190.0_x64__8wekyb3d8bbwe\MicrosoftSudoku.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\updater-ws.exe
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\ws.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_c35d55c7be468679\RtkAudUService64.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_c35d55c7be468679\RtkAudUService64.exe [835680 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2020\Snagit32.exe [9487328 2020-09-29] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2874592 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992040 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-23] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [ISPA] => C:\Program Files (x86)\ACT\Act for Windows\Integration Services Patch for Act!\ISPA.exe [15704064 2020-02-26] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [HeimdalAgentLoader] => C:\Program Files (x86)\Heimdal\Heimdal.AgentLoader.exe [43592 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
HKLM-x32\...\Run: [Zwift] => C:\Program Files (x86)\Zwift\ZwiftLauncher.exe [18040424 2020-11-04] (Zwift, Inc. -> Zwift, Inc)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ZoomInfo Contact Contributor] => C:\Users\cruss\AppData\Local\ZoomInfoCEUtility\launch.bat [108 2021-01-11] () [File not signed]
HKLM\...\Print\Monitors\HP 5912 Status Monitor: C:\WINDOWS\system32\hpinksts5912LM.dll [331664 2012-06-18] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8600): C:\WINDOWS\system32\HPDiscoPM5912.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDFescape Desktop Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfescape desktop_pdfpmon_v.4.12.26.3.dll [932984 2020-12-03] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\rica5Xlm: C:\WINDOWS\system32\rica5Xlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\Installer\chrmstp.exe [2021-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2020-04-01]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2021-03-29]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN36QDXGHQ05KC;CONNECTION=NW;MONITOR=1;
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005A27F6-9FBB-4749-AA84-68E370C848B5} - System32\Tasks\Driver Booster SkipUAC (cruss) => C:\Program Files (x86)\IObit\Driver Booster\8.3.0\DriverBooster.exe [8152016 2021-02-03] (IObit Information Technology -> IObit)
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {085643D0-ECCF-4717-8717-7A249497AC7F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {08771E63-8864-46A1-8C13-AFFEBD9E9D8A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {0BAF53F1-AF06-457D-89A4-7BA1D0129EBF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {201FD886-3793-4EA8-972D-547FC18F51CB} - System32\Tasks\G2MUploadTask-S-1-5-21-3941208988-4064051922-1525667148-1001 => C:\Users\cruss\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-26] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {32921F43-FBA2-4E58-A211-9B1FB05F2847} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {36ABA044-37AC-4B54-886D-7452E5FC8B42} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.3.0\AutoUpdate.exe [2268432 2020-12-23] (IObit Information Technology -> IObit)
Task: {48322853-9738-4EB9-9D00-AF706023EB04} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {486F2677-B1E8-4D04-B40B-3169F9542749} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
Task: {4B285B41-DAE1-4D70-AF1B-BC966F1FE2ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {55CED234-9B81-4F99-A8F2-045312885A22} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E27775D-3D95-46C1-9CB7-93E2E3515B9F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\8.3.0\Scheduler.exe [152848 2020-12-23] (IObit Information Technology -> IObit)
Task: {6FB855B8-FFD4-4808-A9F3-E71510B0C20A} - System32\Tasks\G2MUpdateTask-S-1-5-21-3941208988-4064051922-1525667148-1001 => C:\Users\cruss\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {72A8C9D0-EECE-475B-8B67-C982B4589E3D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4665568 2021-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid f49bcb77-354e-4fa1-b521-40b247cda57e
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {93E9AC07-AE04-4A30-90D5-81963064F261} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A0ACD289-6C75-4D8F-BBB1-167DE9645166} - System32\Tasks\Heimdal Security Service Monitor => C:\WINDOWS\SysWOW64\Heimdal Security\Heimdal Jobs\Heimdal.MonitorServices.exe [40520 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
Task: {A614C253-0A36-4DFC-B80A-5DA18FE27BA8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BCAEC4FE-76EC-4F3B-AA26-5DCBBC44B718} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5493472 2021-02-15] (Avast Software s.r.o. -> Avast Software)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {D5C78CBF-B55E-4763-ADB0-E31334395285} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3941208988-4064051922-1525667148-1001.job => C:\Users\cruss\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3941208988-4064051922-1525667148-1001.job => C:\Users\cruss\AppData\Local\GoToMeeting\19228\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1 8.8.8.8
Tcpip\..\Interfaces\{33347b93-ef08-4106-bed9-5c6c8371d79a}: [DhcpNameServer] 192.168.1.1 8.8.8.8
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\cruss\Downloads
Edge Extension: (No Name) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.2020.3.0_neutral__ks9qrcqmdm1bm [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cruss\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-29]
Edge HomePage: Default -> hxxps://www.bing.com/?pc=U528
Edge StartupUrls: Default -> "hxxps://www.bing.com/?pc=U528"
Edge Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gehmmocbbkpblljhkekmfhjpfbkclbph [2021-03-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\cruss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2020-12-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046 [2021-03-29]
FF Homepage: Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046 -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046 -> hxxps://zwiftinsider.com; hxxps://www.youtube.com
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\@contain-facebook.xpi [2020-10-01]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\ciscowebexstart1@cisco.com.xpi [2021-03-23]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\firefoxdav@icloud.com.xpi [2020-02-13]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\jetpack-extension@dashlane.com.xpi [2021-03-15] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\sp@avast.com.xpi [2020-07-06]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-03-16]
FF Extension: (Zoom Scheduler) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-02-02]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (Safe Search powered by Yahoo) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\me5mm2m4.default-release-1581612878046\Extensions\{fd299ce1-1602-4490-b659-f45504f9324c}.xpi [2020-06-02] [UpdateUrl:hxxps://addons.safetybrowsing.com/gyff/updates.json]
FF HKLM\...\Firefox\Extensions: [pdfescape_desktop_conv_v.1@pdfescape.com] - C:\Program Files\PDFescape Desktop\creator\plugins\FirefoxAddin\pdfescape_desktop_conv_v.1@pdfescape.com.xpi
FF Extension: (PDFescape Desktop Creator) - C:\Program Files\PDFescape Desktop\creator\plugins\FirefoxAddin\pdfescape_desktop_conv_v.1@pdfescape.com.xpi [2019-06-13]
FF HKLM-x32\...\Firefox\Extensions: [pdfescape_desktop_conv_v.1@pdfescape.com] - C:\Program Files\PDFescape Desktop\creator\plugins\FirefoxAddin\pdfescape_desktop_conv_v.1@pdfescape.com.xpi
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.2007.0.32704\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. ->  Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin ProgramFiles/Appdata: C:\Users\cruss\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-01]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2021-03-29]
CHR HomePage: Default -> hxxps://www.bing.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (Bitmoji) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfgdeiadkckfbkeigkoncpdieiiefpig [2021-03-22]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-03-04]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-03-24]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-24]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-10-08]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U2 ActConnectLink; C:\ActConnectLink\nssm-x64.exe [331264 2014-08-31] () [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2019-10-23] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2019-10-23] (Microsoft) [File not signed]
R2 ActWebApiService; C:\Program Files (x86)\ACT\Act.Web.API\bin\act.web.api.hosting.exe [22016 2020-03-06] () [File not signed]
S2 ActWebHookMessengerService; C:\Program Files (x86)\ACT\act.webhook.notifications\bin\act.webhook.notifications.exe [92160 2020-03-06] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7879704 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\elevation_service.exe [1504864 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5903584 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1692\g2ax_service.exe [615632 2020-10-30] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 Heimdal Admin Privilege; C:\Program Files (x86)\Heimdal\Heimdal.AdminPrivilege.exe [129608 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
S3 Heimdal Antivirus; C:\Program Files (x86)\Heimdal\Heimdal.Antivirus.exe [324680 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
R2 Heimdal Client Host; C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe [127048 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
S2 Heimdal DarkLayer Guard; C:\Program Files (x86)\Heimdal\Heimdal.DarkLayerGuard.exe [197192 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
S3 Heimdal Firewall; C:\Program Files (x86)\Heimdal\Heimdal.Firewall.exe [68680 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
S3 Heimdal MailSentry; C:\Program Files (x86)\Heimdal\Heimdal.MailSentry.exe [81480 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
R2 Heimdal Update Service; C:\Program Files (x86)\Heimdal\Heimdal.UpdateService.exe [59464 2020-06-25] (Heimdal Security A/S -> Heimdal Security)
R2 Heimdal Uptime Checker; C:\Program Files (x86)\Heimdal\Heimdal.UptimeChecker.exe [63560 2020-12-10] (Heimdal Security A/S -> Heimdal Security)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2452344 2019-07-01] (PDFescape -> Red Software)
S3 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator\common\creator-ws.exe [575352 2019-07-01] (PDFescape -> Red Software)
R2 PDFescape Desktop Update Service; C:\Program Files\PDFescape Desktop\updater-ws.exe [1383800 2019-07-01] (PDFescape -> Red Software)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_c35d55c7be468679\RtkAudUService64.exe [835680 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Default\AppData\Roaming\Zoom"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
S3 JitDriver; C:\windows\system32\drivers\JitDriver.sys [23040 2020-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [218112 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [881760 2021-03-19] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 SurfaceHidMini; C:\WINDOWS\System32\DriverStore\FileRepository\surfacehidminidriver.inf_amd64_3fa0445135c3dd86\SurfaceHidMiniDriver.sys [305112 2020-10-21] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\WINDOWS\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\WINDOWS\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-29 09:58 - 2021-03-29 09:58 - 002298368 _____ (Farbar) C:\Users\cruss\Downloads\FRST64(1).exe
2021-03-29 09:52 - 2021-03-29 09:52 - 002011136 _____ (Farbar) C:\Users\cruss\Downloads\FRST.exe
2021-03-25 16:46 - 2021-03-25 16:46 - 028602216 _____ (Act! LLC ) C:\Users\cruss\Downloads\act2300update3.exe
2021-03-25 09:16 - 2021-03-25 09:16 - 040488656 _____ (Adlice Software ) C:\Users\cruss\Downloads\RogueKiller_setup(13).exe
2021-03-24 11:07 - 2021-03-24 11:08 - 000125168 _____ (Zoom Video Communications, Inc.) C:\Users\cruss\Downloads\Zoom_cm_fii5rZ9vvrZo4_mGmyOn88UygVEmjpL-wHOWsLRMY3W30w7kHuN@8OAKAxa7QBVyAVfu_k87f64c34af351759_.exe
2021-03-24 10:20 - 2021-03-24 10:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-22 18:14 - 2021-03-22 18:14 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-22 10:12 - 2021-03-20 07:40 - 000000932 _____ C:\Users\cruss\OneDrive\Documents\cc_20210320_074008.reg
2021-03-19 14:57 - 2021-03-19 14:57 - 001854072 _____ (Logitech, Inc.) C:\WINDOWS\system32\LkmdfCoInst.dll
2021-03-19 14:57 - 2021-03-19 14:57 - 000881760 _____ (Realtek Corporation ) C:\WINDOWS\system32\Drivers\rtump64x64.sys
2021-03-19 14:57 - 2021-03-19 14:57 - 000086648 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidFilt.Sys
2021-03-19 14:57 - 2021-03-19 14:57 - 000069240 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LMouFilt.Sys
2021-03-19 14:57 - 2021-03-19 14:57 - 000063096 _____ (Logitech, Inc.) C:\WINDOWS\system32\LMouFiltCoInst.dll
2021-03-19 14:57 - 2021-03-19 14:57 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-03-19 14:56 - 2021-03-19 14:56 - 000000000 ____D C:\ProgramData\ProductData
2021-03-19 14:55 - 2021-03-24 15:20 - 000002572 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2021-03-19 14:55 - 2021-03-24 15:20 - 000002558 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2021-03-19 14:55 - 2021-03-24 15:20 - 000002398 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (cruss)
2021-03-19 14:55 - 2021-03-24 10:44 - 000000000 ____D C:\ProgramData\IObit
2021-03-19 14:55 - 2021-03-19 14:56 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IObit
2021-03-19 14:55 - 2021-03-19 14:55 - 000000000 ____D C:\Users\cruss\AppData\Roaming\IObit
2021-03-19 14:55 - 2021-03-19 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-03-19 14:55 - 2021-03-19 14:55 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-19 14:54 - 2021-03-19 14:54 - 026393592 _____ (IObit ) C:\Users\cruss\Downloads\driver_booster_setup.exe
2021-03-18 09:56 - 2021-03-18 09:56 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\cruss\Downloads\Zoom_cm_fo42anktZ9vvrZo4_mVkOzlcKRSGzVsBXq786yLPjjft6EYrodQL73@ftHUZmmBuz08dP+W_kbe8eadd09dd7e510_.exe
2021-03-17 16:23 - 2021-03-17 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-17 14:03 - 2021-03-17 14:04 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\cruss\Downloads\Zoom_cm_fii5rZ9vvrZo4_m25gryUYI72TjppPJ7kWE6N37Gpg1oK3GyvAp@7-wAB3hu9HZDU2Va_k6c6f56a163213d21_.exe
2021-03-17 11:11 - 2021-03-17 11:11 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-03-17 11:11 - 2021-02-15 07:50 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-03-17 10:59 - 2021-03-17 10:23 - 000000552 _____ C:\Users\cruss\OneDrive\Documents\cc_20210317_102315.reg
2021-03-16 13:49 - 2021-03-16 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-16 13:49 - 2021-03-16 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-16 13:49 - 2021-03-16 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-16 13:49 - 2021-03-16 13:49 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-03-15 15:29 - 2021-03-15 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2021-03-15 12:00 - 2021-03-15 15:25 - 000000000 ____D C:\Program Files\Recuva
2021-03-15 12:00 - 2021-03-15 12:01 - 000000000 ____D C:\Program Files\Speccy
2021-03-15 12:00 - 2021-03-15 12:00 - 000000000 ____D C:\Program Files\Defraggler
2021-03-15 11:58 - 2021-03-15 11:58 - 037998072 _____ (Piriform Software Ltd) C:\Users\cruss\Downloads\CCleanerBundle-577-Setup.exe
2021-03-15 09:33 - 2021-03-15 09:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-15 09:33 - 2021-03-15 09:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-15 09:33 - 2021-03-15 09:33 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-15 09:33 - 2021-03-15 09:33 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-15 09:33 - 2021-03-15 09:33 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-15 09:26 - 2021-03-15 06:20 - 000002210 _____ C:\Users\cruss\OneDrive\Documents\cc_20210315_062046.reg
2021-03-15 09:26 - 2021-03-13 10:46 - 000006702 _____ C:\Users\cruss\OneDrive\Documents\cc_20210313_094632.reg
2021-03-15 08:44 - 2020-12-07 19:12 - 000493844 _____ C:\WINDOWS\system32\Drivers\dsp_fw_release.bin
2021-03-12 15:54 - 2021-03-24 11:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-09 13:45 - 2021-03-09 13:45 - 003388844 _____ C:\Users\cruss\Downloads\DG_Cleveland_OH_OM_-_Touchstone_Commercial_Partners.pdf
2021-03-09 12:53 - 2021-03-09 12:54 - 006144731 _____ C:\Users\cruss\Downloads\Dollar-General-Moosup-CT-OM-1.pdf
2021-03-02 15:00 - 2021-03-02 15:00 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\cruss\Downloads\Zoom_cm_fii5rZ9vvrZo4_mVvwlw+X9yx+--t5YJHyh5ujsqcZ7o7ui5d8N@LjNUD3rd9LNiztoo_k643a75215ed65136_.exe
2021-03-02 10:20 - 2021-03-02 10:20 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-02 10:20 - 2021-03-02 10:20 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-01 11:15 - 2021-03-01 11:15 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-01 11:15 - 2021-03-01 11:15 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-01 11:15 - 2021-03-01 11:15 - 001328400 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-03-01 11:15 - 2021-03-01 11:15 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-01 11:15 - 2021-03-01 11:15 - 001282560 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-03-01 11:15 - 2021-03-01 11:15 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-03-01 11:15 - 2021-03-01 11:15 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-01 11:15 - 2021-03-01 11:15 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-01 11:15 - 2021-03-01 11:15 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-01 10:33 - 2021-02-27 17:18 - 000030264 _____ C:\Users\cruss\OneDrive\Documents\cc_20210227_161757.reg

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-29 10:00 - 2020-06-03 18:51 - 000041888 _____ C:\Users\cruss\Downloads\FRST.txt
2021-03-29 10:00 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-29 09:59 - 2020-02-11 14:07 - 000000000 ____D C:\FRST
2021-03-29 09:59 - 2019-11-03 17:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Mozilla
2021-03-29 09:59 - 2019-11-03 17:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-29 09:59 - 2019-11-03 15:02 - 000000000 ____D C:\Users\cruss\OneDrive\Documents\Outlook Files
2021-03-29 09:44 - 2020-08-14 13:03 - 000982036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-29 09:44 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-29 09:40 - 2019-11-03 22:57 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-29 09:39 - 2019-11-03 22:54 - 000000000 ____D C:\Program Files\CCleaner
2021-03-29 09:37 - 2020-08-14 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-29 09:37 - 2020-08-14 12:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-29 09:37 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-29 09:37 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-29 09:37 - 2019-11-03 23:10 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-03-29 09:37 - 2019-11-03 15:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-29 09:37 - 2019-11-03 15:00 - 000000000 ___RD C:\Users\cruss\OneDrive
2021-03-29 09:37 - 2019-11-03 14:58 - 000000000 __SHD C:\Users\cruss\IntelGraphicsProfiles
2021-03-29 09:37 - 2019-10-07 16:02 - 000000000 ____D C:\Intel
2021-03-29 09:36 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-29 09:34 - 2020-10-30 11:47 - 000000000 ____D C:\Users\cruss\OneDrive\Documents\CCleaner registry backups
2021-03-29 09:32 - 2020-08-14 12:59 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-29 09:32 - 2019-11-13 17:17 - 000000000 ____D C:\Users\cruss\AppData\Local\CrashDumps
2021-03-29 09:22 - 2020-08-14 12:59 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7EA3E303-AC99-4D7B-B3DC-AF46E45FE8F3}
2021-03-29 09:20 - 2020-08-14 12:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-28 14:08 - 2020-08-14 12:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-28 13:49 - 2019-11-03 22:59 - 000000000 ____D C:\Users\cruss\AppData\Local\AVAST Software
2021-03-28 13:48 - 2020-08-14 12:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-28 13:23 - 2019-11-03 14:58 - 000000000 ____D C:\Users\cruss\AppData\Local\Packages
2021-03-28 13:22 - 2020-06-13 08:42 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-28 13:22 - 2020-06-13 08:42 - 000002286 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-28 13:22 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-28 13:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-26 15:12 - 2020-12-18 10:41 - 000000000 ____D C:\Users\cruss\OneDrive\Documents\Zwift
2021-03-26 15:10 - 2020-12-18 11:27 - 000000000 ____D C:\Program Files (x86)\Zwift
2021-03-25 09:18 - 2020-02-12 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-03-25 09:18 - 2020-02-12 10:31 - 000000000 ____D C:\Program Files\RogueKiller
2021-03-24 17:10 - 2020-07-14 11:02 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3941208988-4064051922-1525667148-1001.job
2021-03-24 17:10 - 2020-07-14 11:02 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3941208988-4064051922-1525667148-1001.job
2021-03-24 17:10 - 2019-11-03 18:09 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-03-24 17:10 - 2019-11-03 18:09 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-03-24 15:20 - 2020-09-09 15:40 - 000003520 _____ C:\WINDOWS\system32\Tasks\Heimdal Security Service Monitor
2021-03-24 15:20 - 2020-08-14 12:59 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-03-24 15:20 - 2020-08-14 12:59 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-24 15:20 - 2020-08-14 12:59 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-24 15:20 - 2020-08-14 12:59 - 000003264 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-3941208988-4064051922-1525667148-1001
2021-03-24 15:20 - 2020-08-14 12:59 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-03-24 15:20 - 2020-08-14 12:59 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-24 15:20 - 2020-08-14 12:59 - 000003168 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-3941208988-4064051922-1525667148-1001
2021-03-24 15:20 - 2020-08-14 12:59 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-24 15:20 - 2020-08-14 12:59 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-1001
2021-03-24 15:20 - 2020-08-14 12:59 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-500
2021-03-24 15:20 - 2020-08-14 12:59 - 000002702 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Officejet Pro 8600
2021-03-24 15:20 - 2020-08-14 12:59 - 000002644 _____ C:\WINDOWS\system32\Tasks\Apple Diagnostics
2021-03-24 15:20 - 2020-08-14 12:59 - 000002556 _____ C:\WINDOWS\system32\Tasks\SoftwareInformerService
2021-03-24 15:20 - 2020-08-14 12:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-03-24 12:02 - 2020-09-23 11:35 - 000001868 _____ C:\ProgramData\Desktop\Zoom.lnk
2021-03-24 12:02 - 2020-09-09 15:46 - 000000000 ____D C:\Program Files (x86)\Zoom
2021-03-24 11:05 - 2019-11-03 17:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-24 10:20 - 2020-02-13 11:36 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-24 10:20 - 2020-02-13 11:36 - 000001003 _____ C:\ProgramData\Desktop\Firefox.lnk
2021-03-24 10:09 - 2019-11-03 15:00 - 000000000 ____D C:\Users\cruss\AppData\Local\PlaceholderTileLogoFolder
2021-03-23 09:30 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-22 18:17 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-22 18:11 - 2019-09-03 19:48 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-18 15:03 - 2020-02-13 11:18 - 000002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-18 14:20 - 2019-11-03 22:57 - 000465160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-18 12:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-17 16:23 - 2019-11-03 18:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-17 11:11 - 2019-11-03 22:58 - 000000000 ____D C:\Users\cruss\AppData\Roaming\AVAST Software
2021-03-17 11:11 - 2019-11-03 22:57 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-03-17 11:11 - 2019-11-03 22:57 - 000000000 ____D C:\Program Files\AVAST Software
2021-03-16 17:22 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-16 10:41 - 2020-02-13 17:23 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-16 10:41 - 2020-02-13 17:23 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-15 10:22 - 2020-04-01 17:41 - 000000000 ____D C:\ProgramData\ACT
2021-03-15 09:38 - 2019-12-07 05:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-15 09:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-15 09:28 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-15 09:28 - 2019-11-03 20:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-15 09:25 - 2019-11-03 20:20 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-15 08:44 - 2020-08-14 12:08 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-03-15 08:41 - 2020-08-14 12:24 - 000000000 ____D C:\WINDOWS\Firmware
2021-03-15 08:39 - 2020-08-14 12:51 - 000482160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-09 10:30 - 2020-08-14 12:24 - 000002377 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 10:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-02 11:29 - 2019-11-03 22:38 - 000000000 ____D C:\Users\cruss\AppData\Roaming\Dashlane
2021-03-02 10:21 - 2020-10-26 10:29 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-02 10:20 - 2020-12-28 16:47 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-02 10:20 - 2020-04-02 10:52 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-02 10:20 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-02 10:20 - 2019-11-03 22:57 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-02 10:20 - 2019-11-03 22:57 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-01 11:18 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-01 11:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-01 11:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Files in the root of some directories ========

2019-11-08 18:11 - 2019-11-08 18:16 - 000044097 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2019-11-03 18:24 - 2019-11-03 18:24 - 035552512 _____ (Swiftpage Act! LLC                                          ) C:\Users\cruss\AppData\Roaming\act2000update9ss.exe
2020-04-01 17:39 - 2020-04-01 17:40 - 165865472 _____ (Swiftpage Act! LLC                                          ) C:\Users\cruss\AppData\Roaming\act2200update4ss.exe
2019-11-03 18:33 - 2019-12-17 10:43 - 000000067 ____H () C:\Users\cruss\AppData\Roaming\ActUpdate.log
2019-11-05 12:57 - 2020-11-19 15:27 - 000001752 _____ () C:\Users\cruss\AppData\Roaming\HP1


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,409 posts

Posted 31 March 2021 - 08:36 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Remove this program in bold using the Control Panel > Programs > Programs and Features...
Driver Support One (HKLM-x32\...\DSOne) (Version: 1.2.7321.21245 - Asurvio, LP) <==== ATTENTION
 
Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start::
 
CreateRestorePoint:
CloseProcesses:
 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Edge Extension: (No Name) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.2020.3.0_neutral__ks9qrcqmdm1bm [not found]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.2007.0.32704\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
EmptyTemp:
 
End::
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
Is your problem solved?

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 151 posts

Posted 31 March 2021 - 10:47 AM

Here is the Fixlog.txt.  Thank you very much, I believe I'm back to "normal".  As always, I appreciate your help.  All the best.  Stay safe & healthy.  Carl

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by cruss (31-03-2021 12:20:50) Run:2
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss
Boot Mode: Normal
==============================================

fixlist content:
*****************
 
CreateRestorePoint:
CloseProcesses:
 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Edge Extension: (No Name) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.2020.3.0_neutral__ks9qrcqmdm1bm [not found]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.2007.0.32704\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
EmptyTemp:
 

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => removed successfully
"HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\Software\Mozilla\Firefox\Extensions\\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" => removed successfully

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= "C:\Windows\SysWOW64\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= sfc /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection did not find any integrity violations.


========= End of CMD: =========


========= DISM.exe /Online /Cleanup-image /Restorehealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19042.906


[==                         3.8%                           ]

[==                         4.8%                           ]

[===                        5.7%                           ]

[===                        6.7%                           ]

[====                       7.7%                           ]

[=====                      8.7%                           ]

[=====                      9.7%                           ]

[=====                      10.0%                          ]

[======                     11.0%                          ]

[======                     12.0%                          ]

[=======                    12.9%                          ]

[========                   13.9%                          ]

[========                   14.9%                          ]

[========                   14.9%                          ]

[=========                  15.9%                          ]

[=========                  16.9%                          ]

[==========                 17.9%                          ]

[==========                 18.9%                          ]

[===========                19.8%                          ]

[===========                20.6%                          ]

[============               21.0%                          ]

[============               21.9%                          ]

[=============              22.8%                          ]

[=============              23.5%                          ]

[=============              23.7%                          ]

[==============             24.5%                          ]

[==============             24.8%                          ]

[==============             24.8%                          ]

[==============             25.1%                          ]

[==============             25.5%                          ]

[===============            26.0%                          ]

[===============            26.1%                          ]

[===============            26.2%                          ]

[===============            26.3%                          ]

[===============            26.3%                          ]

[===============            26.5%                          ]

[===============            27.5%                          ]

[================           28.3%                          ]

[================           29.3%                          ]

[=================          30.3%                          ]

[==================         31.1%                          ]

[==================         31.8%                          ]

[===================        32.8%                          ]

[===================        33.8%                          ]

[====================       34.6%                          ]

[====================       35.5%                          ]

[====================       36.2%                          ]

[=====================      37.1%                          ]

[=====================      37.5%                          ]

[======================     38.0%                          ]

[======================     38.7%                          ]

[======================     39.6%                          ]

[=======================    40.0%                          ]

[=======================    40.5%                          ]

[=======================    41.1%                          ]

[========================   41.5%                          ]

[========================   41.7%                          ]

[========================   41.9%                          ]

[========================   42.3%                          ]

[========================   42.5%                          ]

[========================   42.9%                          ]

[=========================  43.2%                          ]

[=========================  43.6%                          ]

[=========================  43.9%                          ]

[=========================  44.1%                          ]

[=========================  44.5%                          ]

[=========================  44.8%                          ]

[========================== 45.1%                          ]

[========================== 45.5%                          ]

[========================== 46.0%                          ]

[========================== 46.3%                          ]

[===========================46.7%                          ]

[===========================47.7%                          ]

[===========================48.7%                          ]

[===========================49.7%                          ]

[===========================50.6%                          ]

[===========================51.6%                          ]

[===========================52.6%                          ]

[===========================52.7%                          ]

[===========================52.7%                          ]

[===========================52.8%                          ]

[===========================52.8%                          ]

[===========================52.9%                          ]

[===========================53.0%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.2%                          ]

[===========================53.3%                          ]

[===========================53.3%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.5%                          ]

[===========================53.6%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.1%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.4%                          ]

[===========================54.4%                          ]

[===========================54.5%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.8%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.0%                          ]

[===========================55.2%                          ]

[===========================55.3%                          ]

[===========================55.4%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.6%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.9%                          ]

[===========================56.0%                          ]

[===========================56.8%                          ]

[===========================57.1%=                         ]

[===========================57.7%=                         ]

[===========================58.7%==                        ]

[===========================59.7%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22195459 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 421541555 B
Edge => 39826 B
Chrome => 274432 B
Firefox => 48700909 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5394 B
NetworkService => 5394 B
cruss => 8173295 B

RecycleBin => 2011136 B
EmptyTemp: => 489.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:29:24 ====



#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,409 posts

Posted 01 April 2021 - 07:25 AM

Hi,

 

Glad we could help.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button