Ok. Part 1
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by cempa (administrator) on DESKTOP-GRI8B81 (Dell Inc. XPS 15 9570) (21-03-2020 12:42:16)
Running from C:\Users\cempa\Downloads
Loaded Profiles: cempa (Available Profiles: cempa)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\SoulseekQt\SoulseekQt.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Audacity Team) [File not signed] C:\Program Files (x86)\Audacity\audacity.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe
(KORG INC. -> KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Stefan Weil -> hxxps://www.qemu.org) [File not signed] C:\Program Files\qemu\qemu-system-x86_64.exe
(Symantec Corporation -> PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSvc64.exe [1222928 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-06] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106784 2019-03-03] (Symantec Corporation -> Symantec Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-10-24] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [391416 2019-07-17] (KORG INC. -> KORG Inc.)
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AD8A701-DB83-44E4-89B2-D4145FB209B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {17B7C9D3-D3C3-492D-9708-07912089DDBD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {1CD1BD68-9693-461A-8AC2-AFDF4E8492A5} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {22C1783D-015E-4D56-A507-C9B11AB3023A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {25053183-809B-40CE-98F7-5F9AD04C0EB1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {27D5C85C-2A04-4DBF-AE57-1249D463BF38} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E13A8E4-D603-4E14-B31D-A37B44676D74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F5F08BB-4A2F-4516-92D2-162B2FACB759} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F92BA7A-4506-402F-A920-031FF87BD305} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [988504 2019-03-03] (Symantec Corporation -> PC Tools)
Task: {526AD0D8-0535-4EF4-919F-0EA0424512CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C28B394-C338-4B3A-8DA3-656E2DE970D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {74C3333E-A450-4269-B8A9-8EDECC458643} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E817EB2-7E94-43AD-BA92-68559EB80F28} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E906E6D-2037-4D34-95DA-272A3D9D0FE7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8C418A23-D299-457F-9263-6C95C3A7B31B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A672DBA8-21B5-4009-8240-3B35AF6DA00D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {A8E1D9B7-1D75-408B-9D01-D238AB2964E2} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [1926304 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {B3CF1FC6-19F7-46CE-B5E9-66814E86D2D1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B8AF3E7C-7401-4071-A15B-5CBDAF9335C9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {BB65D647-DF0E-4313-B286-72F4DCE8E5CB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE9923E-B35F-4BB5-BEF4-3E419F1346A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {C0F8C3AB-F354-4301-BC95-953463FCFC86} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {C31A47D9-8A6B-41AC-B2FB-F01892425946} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D26C8A18-DE6A-4251-A26F-2B329BB6F473} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.1.69\WSCStub.exe [570824 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DBD6943A-75CD-4ED7-8E25-15C6B96A9B22} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DD6FD3A7-0D0C-4C1E-86A9-355F7B05366F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {F7D92C0E-2A58-4E56-9BFA-79C5450E9FFA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8C01A07-4903-4B73-AF0E-14A90EB2BA30} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F95A18A2-4B6C-4A14-8F20-49D599557CDC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{3DA59414-4D8D-4650-A05E-ADAFBEAAF718}: [NameServer] 10.255.255.2
Tcpip\..\Interfaces\{65e16946-e6a9-46c9-907d-aa0331cc1021}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f8067ce3-814e-4b1e-a656-96f34bbba11a}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Notifications: HKU\S-1-5-21-1033751270-1591875615-2768219290-1002 -> hxxps://www.facebook.com
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default [2020-03-21]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.cv-library.co.uk; hxxps://www.musicradar.com; hxxps://www.reddit.com; hxxps://www.techradar.com; hxxps://www.tuifly.be; hxxps://www.whats-on-netflix.com; hxxps://www.wordans.co.uk
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR Extension: (Slides) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-05]
CHR Extension: (Docs) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-05]
CHR Extension: (Google Drive) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-05]
CHR Extension: (YouTube) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-04-11]
CHR Extension: (Norton Safe Search) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2020-03-17]
CHR Extension: (Sheets) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-05]
CHR Extension: (Google Docs Offline) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-21]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel(R) Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [312864 2017-07-20] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [308424 2019-11-25] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36024 2020-02-14] (Dell Inc -> )
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc -> Dell Inc.)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1168720 2019-03-03] (Symantec Corporation -> Symantec Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1646120 2018-02-08] (Intel(R) pGFX -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe [872416 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\TPMProvisioningService.exe [800224 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [364256 2019-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2318800 2018-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe [227352 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe [937528 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [799992 2019-03-03] (Symantec Corporation -> PC Tools)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191256 2019-01-28] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1182640 2019-03-03] (Symantec Corporation -> Symantec Corporation)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 WavesSysSvc; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe [885008 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u
https://activation.paceap.com/InitiateActivation [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\BASHDefs\20200316.001\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\ccSetx64.sys [192376 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-03-20] (Dell Inc. -> )
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2018-02-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-09] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-10] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
S3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Limited.)
S3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [122928 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [100792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_AUDIO; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [63200 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_MIDI; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [49792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [65008 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85032 2017-12-13] (Intel(R) Software -> Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc. -> McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [123544 2017-10-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\IPSDefs\20200320.061\IDSvia64.sys [1451016 2019-08-06] (Symantec Corporation -> Symantec Corporation)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [299176 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
R3 IntcOED; C:\WINDOWS\System32\drivers\IntcOED.sys [1168040 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
S3 KORGUMDS; C:\WINDOWS\System32\Drivers\KORGUM64.SYS [43440 2019-07-17] (KORG INC. -> KORG INC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_78debb6bbbccbb36\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2369816 2019-01-28] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [132808 2018-02-09] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [864704 2017-10-31] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver; C:\WINDOWS\System32\drivers\ScrHIDDriver.sys [58864 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSP64.SYS [889520 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSPX64.SYS [50864 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 ST_Accel; C:\WINDOWS\System32\drivers\ST_Accel.sys [134264 2017-11-22] ("STMicroelectronics Srl" -> STMicroelectronics)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SYMEFASI64.SYS [1964200 2020-01-21] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SymELAM.sys [25744 2020-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.4.15\SymPlatform\SymEvnt.sys [712368 2020-01-14] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\Ironx64.SYS [316656 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\symnets.sys [573448 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\wpCtrlDrv.sys [1012120 2020-01-21] (Symantec Corporation -> Symantec Corporation)