Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021 Ran by aemtp (administrator) on ARI-DESKTOP (Gigabyte Technology Co., Ltd. X570 AORUS ELITE WIFI) (02-04-2021 13:00:15) Running from C:\Users\aemtp\Desktop\virus scan Loaded Profiles: aemtp Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe () [File not signed] C:\Program Files (x86)\Samsung\EasySettingBox\EasySettingBox.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe (Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\Box.exe (Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\FS\streem.exe (Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\UI\BoxUI.exe (Brother Industries, Ltd. -> ) C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe (Brother Industries, Ltd. -> ) C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe (Brother Industries, Ltd. -> brother Industries Ltd) C:\Program Files (x86)\Brother\BRPrintAuditor\brausc3a.exe (Brother Industries, Ltd. -> brother Industries Ltd) C:\Program Files (x86)\Brother\BRPrintAuditor\brsvau3a.exe (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam9\YouCamService9.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\HCLOUD.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\46.0.3.0\crashpad_handler.exe <2> (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <6> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <120> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\46.0.3.0\GoogleDriveFS.exe <7> (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Malwarebytes Inc -> Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.8.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe (Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE <2> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076968 2020-01-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1724248 2019-03-21] (cFos Software GmbH -> cFos Software GmbH) HKLM\...\Run: [Box] => C:\Program Files\Box\Box\Box.exe [6405464 2021-01-13] (Box, Inc. -> Box, Inc.) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> ) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [68822328 2020-12-28] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [EasySettingBox] => [X] HKLM-x32\...\Run: [YouCam Service9] => C:\Program Files (x86)\CyberLink\YouCam9\YouCamService9.exe [404288 2020-07-27] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\46.0.3.0\GoogleDriveFS.exe [56317352 2021-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\46.0.3.0\GoogleDriveFS.exe [56317352 2021-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [AtHomeVideoStreamer] => C:\Program Files (x86)\AtHomeVideoStreamer\AtHomeVideoStreamer.exe [975872 2020-07-21] (iChano Incoporation.) [File not signed] HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [Discord] => C:\Users\aemtp\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\aemtp\AppData\Local\WebEx\ciscowebexstart.exe [2689752 2021-03-05] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [BlueJeans.Detector] => C:\Users\aemtp\AppData\Local\BlueJeans\BlueJeans.Detector.exe [204512 2020-12-20] (Blue Jeans Network, Inc. -> BlueJeans) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\aemtp\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\46.0.3.0\GoogleDriveFS.exe [56317352 2021-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> ) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [16384752 2021-02-18] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\Run: [EPSDNMON] => "" HKU\S-1-5-21-2352705691-491874430-4063245790-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\thinkorswim\jxbrowser\v18\bin\chromium.exe [1546784 2020-04-08] (TEAMDEV LTD. -> The Chromium Authors) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\46.0.3.0\GoogleDriveFS.exe [56317352 2021-02-22] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\CutePDF Writer Monitor v4.0: C:\Windows\system32\cpwmon64_v40.dll [89584 2019-10-20] (Acro Software Inc -> ) HKLM\...\Print\Monitors\EPSON WF-3520 Series 64MonitorBE: C:\Windows\system32\E_YLMJJE.DLL [120320 2011-04-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{7B4C4849-DFD6-4b88-B58D-9260BC55E2FB}] -> C:\Program Files (x86)\CyberLink\YouCam9\CLCredProv\x64\CLCredProv.dll [2020-07-27] (CyberLink Corp. -> CyberLink) HKLM\Software\...\Authentication\Credential Provider Filters: [{7B4C4849-DFD6-4b88-B58D-9260BC55E2FB}] -> C:\Program Files (x86)\CyberLink\YouCam9\CLCredProv\x64\CLCredProv.dll [2020-07-27] (CyberLink Corp. -> CyberLink) GroupPolicy\User: Restriction ? <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07CF07BA-75C3-44BB-B7ED-ED4ABF331669} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {07CFAE49-2AC2-4D6E-928D-252063F84BE4} - System32\Tasks\G2MUploadTask-S-1-5-21-2352705691-491874430-4063245790-1001 => C:\Users\aemtp\AppData\Local\GoToMeeting\19584\g2mupload.exe [31320 2021-03-25] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {1D78A92A-1EBB-4E6A-928F-5954E3BF38D5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1FFD38F0-8792-4AA0-9AAF-605A1DE0D7E3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {22BA88C1-8CCA-41D2-BA3E-511A4047B78F} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> ) Task: {2AD890F8-80C5-4981-9C71-DC8CB294A639} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15768 2021-01-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {33454BD7-2B42-495D-BF70-7CD649E73D7D} - System32\Tasks\TinyTakeUpgrade => C:\Users\aemtp\AppData\Local\MangoApps\TinyTake\TinyTake.exe [98912 2020-07-28] (MangoApps, Inc. -> MangoApps Inc.) Task: {3CE97B64-8F61-4463-B339-AAB4B0724E54} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18328 2021-01-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {3D642E18-774D-452F-AD74-0B299BB6B205} - System32\Tasks\cFos\Registration Tasks\Open Browser => "c:\program files (x86)\google\chrome\application\chrome.exe" "http://localhost:1487/cfosspeed/console.htm" Task: {4CF635AB-9E4F-4B4F-9A8D-3B1822A3F441} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> ) Task: {4E8A3612-9275-4D05-B782-F923B0B7CB28} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4EE6CB1C-D5BE-4215-9B04-92EA60953574} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) Task: {5167A2AB-E1B3-4896-AA71-B5ADC5BA3F23} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {55D80ABB-20AC-418E-89AA-56FD631ED11E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {5BEA310F-513D-4300-8C56-6FEBD853A231} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1625400 2018-06-28] (Intel(R) Software -> Intel Corporation) Task: {68A4D9D6-60A8-417A-B88E-2DDC5C7B8440} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {82A6D869-0A26-4D9C-984E-08A1680CC0C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8A1BDD83-F402-4FE5-938A-7472C5830DC7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8F090F06-168A-41E2-80D2-6864C8A8CC6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC) Task: {918EA3CD-B720-4D47-BBC6-8E37CEB5C1F2} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ATTENTION Task: {96C800AD-8AD2-4D8A-8486-C2BD3D36BD56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-01] (Google Inc -> Google LLC) Task: {994827D8-599B-4515-ABA6-047D5A4EF342} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [252984 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {9CC2A707-C21F-414B-B7D3-9BE52B15CC2B} - System32\Tasks\update-S-1-5-21-2352705691-491874430-4063245790-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {A679D611-C92D-495D-9D78-438A6EE0CAC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {ABBDF1D2-01F2-4CDF-AEBE-55EC7FCC639A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {B50966BA-9B1E-4782-9816-E2EEB07C2B56} - System32\Tasks\EasySettingBox => C:\Program Files (x86)\Samsung\EasySettingBox\EasySettingBox.exe [2799104 2020-05-11] () [File not signed] Task: {BB7D089B-C155-42A9-AA86-27E9EB4A49C4} - System32\Tasks\Software Updater SkipUAC(aemtp) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ATTENTION Task: {BBA0AA86-24A2-4A0F-B2F6-584A7C929563} - System32\Tasks\G2MUpdateTask-S-1-5-21-2352705691-491874430-4063245790-1001 => C:\Users\aemtp\AppData\Local\GoToMeeting\19584\g2mupdate.exe [31320 2021-03-25] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {C0F4525A-C716-4761-910A-02E07656BC0E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C6A9F77E-E210-471D-8455-1E332D12F29F} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [233184 2020-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {E48D4E53-CCB5-4B39-96EA-38F65976A7D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EC7F49C8-DF7D-4409-8437-C74943AC56BD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EFC66F7F-E1C1-47A6-B5A9-5AFD00656C9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F2E4046D-D6F8-40CD-9C47-EDD37065176E} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [387992 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {F4634EEA-6B7D-4B22-B8F8-C86FDAF8D0A5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-22] (Mozilla Corporation -> Mozilla Foundation) Task: {FFC05570-23B5-4B22-B544-5FC8CD344486} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2352705691-491874430-4063245790-1001.job => C:\Users\aemtp\AppData\Local\GoToMeeting\19584\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2352705691-491874430-4063245790-1001.job => C:\Users\aemtp\AppData\Local\GoToMeeting\19584\g2mupload.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-2352705691-491874430-4063245790-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.10.2 Tcpip\..\Interfaces\{89834f3d-6ff3-440e-8d53-f3230506c013}: [DhcpNameServer] 192.168.10.2 Tcpip\..\Interfaces\{a94f970a-5938-44b1-a15b-39863d1b40f7}: [DhcpNameServer] 192.168.10.2 Edge: ======= Edge Profile: C:\Users\aemtp\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-02] FireFox: ======== FF DefaultProfile: rm7th7wp.default FF ProfilePath: C:\Users\aemtp\AppData\Roaming\Mozilla\Firefox\Profiles\rm7th7wp.default [2020-03-25] FF ProfilePath: C:\Users\aemtp\AppData\Roaming\Mozilla\Firefox\Profiles\orrr4xiq.default-release [2021-03-11] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-12-09] [Legacy] [not signed] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2352705691-491874430-4063245790-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2021-03-25] (TD Ameritrade -> TD Ameritrade) FF Plugin HKU\S-1-5-21-2352705691-491874430-4063245790-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2021-03-25] (TD Ameritrade -> TD Ameritrade) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default [2021-04-02] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://web.whatsapp.com CHR Session Restore: Default -> is enabled. CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-01] CHR Extension: (Old Layout for Facebook) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaegaeagge [2020-12-27] CHR Extension: (DocHub - Edit and Sign PDF Documents) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgncicbhbjfpijkdmbijninnhnmiblj [2019-12-01] CHR Extension: (Prophet) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\alikckkmddkoooodkchoheabgakpopmg [2020-12-27] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-01] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27] CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2020-09-30] CHR Extension: (BBOalert) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgihidachainhhhilkeemegdhehnlcf [2021-03-24] CHR Extension: (Google Docs Quick Create) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldgenmjegcnjebiongilahhcjldgmlm [2019-12-01] CHR Extension: (DocuSign eSignature for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blkboeaihdlecgdjjgkcabbacndbjibc [2021-04-02] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-01] CHR Extension: (Honey) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-03-24] CHR Extension: (Enable Right Click) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofdamlbkfkjnecfjbhpncokfalmmbii [2020-08-15] CHR Extension: (Mogicons) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2019-12-01] CHR Extension: (Revert Site) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnkbhnblhjdjifeibckehifjocllaja [2021-04-02] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-02] CHR Extension: (Send to Kindle for Google Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2020-12-27] CHR Extension: (Library Extension) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chkgcmmjoejpekoegkedcpifgfhpjmec [2021-03-24] CHR Extension: (Pushbullet) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2021-03-24] CHR Extension: (Do Not Track) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja [2019-12-01] CHR Extension: (Eno® from Capital One®) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2021-03-31] CHR Extension: (Adblock for Youtube™) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-12-27] CHR Extension: (Tampermonkey) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-12-28] CHR Extension: (Gmelius for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl [2020-12-27] CHR Extension: (Zamzar - Convert Files) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkddichhdneakoipnkclldommdcplil [2019-12-01] CHR Extension: (Right Click Email for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnlfochnjjonhempkinfokflaclicokg [2019-12-01] CHR Extension: (Pushline: PC/Mac Desktop Notifications) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dojblmhfhjilfpkfakgfenpeoajdomkj [2019-12-01] CHR Extension: (Dropbox for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-12-01] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11] CHR Extension: (Email Finder) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnffiilpmgldkapbikhkeicohlaapj [2020-12-27] CHR Extension: (Share link via email) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2020-08-16] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-01] CHR Extension: (Stylish - Custom themes for any website) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2019-12-01] CHR Extension: (Chrome Remote Desktop) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-01] CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2021-03-11] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16] CHR Extension: (DocuSign - Secure Electronic Signature) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd [2019-12-01] CHR Extension: (Unlimited Email Tracker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojogohjgpelafgaeejgelmplndppifh [2021-02-26] CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2021-03-24] CHR Extension: (LinkedIn Sales Navigator) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-12-01] CHR Extension: (Go To Playing Tab) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbhamadknmmkapmhbldodoajkcggcml [2020-06-29] CHR Extension: (Social Fixer for Facebook) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2021-04-02] CHR Extension: (Adobe Edge Inspect CC) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoeapleklopieoejahbpdnhkjjgddem [2019-12-01] CHR Extension: (RPost for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobjcmbajbmllkgkigemcfnikdmlidn [2020-12-27] CHR Extension: (Bookmark Sidebar) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2021-02-02] CHR Extension: (Spell Checker for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2020-05-24] CHR Extension: (Google Forms) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2019-12-01] CHR Extension: (Find anyone's email - Contact Out) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjdemeiffadmmjhkbbpglgnlgeafomjo [2021-04-02] CHR Extension: (RetailMeNot Deal Finder™️) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjfblogammkiefalfpafidabbnamoknm [2021-02-26] CHR Extension: (Multi Forward for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmdplljmniahpamcmabdnahmjdlikpm [2019-12-01] CHR Extension: (Cisco Webex Extension) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-03-31] CHR Extension: (Grammarly for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-31] CHR Extension: (Tracking Token Stripper) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcpnkledgcbobhkgimpbmejgockkplob [2021-03-24] CHR Extension: (Social Video Downloader) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-02-12] CHR Extension: (Zoom Scheduler) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-02-02] CHR Extension: (The Great Suspender) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2020-06-07] CHR Extension: (Create a Google Drawing) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpokcochphjjoagmbihjmmlcjikaccmd [2019-12-13] CHR Extension: (Ugly Email) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgiafaliifpknmgofiifianlnbgflgj [2020-12-27] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (AwardWallet) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppkddfmnlpjbojooindbmcokchjgbib [2020-12-27] CHR Extension: (AirDroid Remote Control Plugin) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2019-12-01] CHR Extension: (Lightshot (screenshot tool)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-01-29] CHR Extension: (Boomerang for Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-12-01] CHR Extension: (UltraSurf Security, Privacy & Unblock VPN) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjnbclmflcpookeapghfhapeffmpodij [2021-02-27] CHR Extension: (Google Drawings) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2019-12-01] CHR Extension: (Easy disposable email address) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkpfodpjhekjdhkchalfflggeoamfajh [2019-12-01] CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-02-27] CHR Extension: (Office) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2021-02-12] CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-03-31] CHR Extension: (Capital One Shopping: Save in seconds) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-04-01] CHR Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2019-12-01] CHR Extension: (Autofill) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2021-02-02] CHR Extension: (Crystal) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmaonghoefpmlfgaknnboiekjhfpmajh [2021-04-02] CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2021-03-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (Email Privacy Protector: Is My Email Tracked?) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocodabmcnjfjeioonacpommjjlmhbccg [2020-06-22] CHR Extension: (RocketReach Chrome Extension - Find any Email) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiecklaabeielolbliiddlbokpfnmhba [2021-02-02] CHR Extension: (HubSpot Sales) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2021-02-26] CHR Extension: (diagrams.net) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc [2020-05-24] CHR Extension: (TeamViewer) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2019-12-11] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-04-02] CHR Extension: (Pluto TV – Watch Free TV And Movies) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkimnjejgchcbcapfjpdaaiigdkocmh [2020-06-17] CHR Extension: (Fusion Tables (experimental)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfoeakahkgllhkommkfeehmkfcloagkl [2019-12-01] CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2019-12-01] CHR Extension: (Speedtest by Ookla) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2020-05-24] CHR Extension: (Send from Gmail (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2019-12-01] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-02] CHR Notifications: Profile 1 -> hxxps://www.facebook.com; hxxps://www.messenger.com CHR Session Restore: Profile 1 -> is enabled. CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-01] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-01] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-01] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-02] CHR Extension: (award.flights) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgkmhlnbmfjmlplmcdnannneiplmjiba [2020-01-03] CHR Extension: (Emoji Keyboard) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chmaijbnjdnkjknoigffoohjhpejjppd [2020-12-27] CHR Extension: (Search by Image (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2019-12-01] CHR Extension: (Tampermonkey) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-12-28] CHR Extension: (award.flights AwardFinder) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkmdpdpnihcmgndoolimdhfmljfpgnif [2019-12-01] CHR Extension: (United.com Expert Search Tools) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edjlljpepdkphlniodlghlnjpihdklpb [2019-12-01] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-02-26] CHR Extension: (Share link via email) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2020-08-16] CHR Extension: (WhatsGreen Multi Messenger) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emipoepfakonicaobeeejombhfkbicld [2021-02-19] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-01] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-24] CHR Extension: (Enable Right Click) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpeddepmnbmkjfnhifmggnjdggibjjkf [2019-12-21] CHR Extension: (TinEye Reverse Image Search) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2019-12-01] CHR Extension: (Go To Playing Tab) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmbhamadknmmkapmhbldodoajkcggcml [2020-06-29] CHR Extension: (Disconnect) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-12-27] CHR Extension: (Spell Checker for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2020-05-24] CHR Extension: (WhichAirline Flight Search) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jobmmpcaponiamfoeppanpcbmakndnno [2019-12-01] CHR Extension: (Grammarly for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-31] CHR Extension: (RevEye Reverse Image Search) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\keaaclcjhehbbapnphnmpiklalfhelgf [2021-01-23] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (AwardWallet) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lppkddfmnlpjbojooindbmcokchjgbib [2020-12-27] CHR Extension: (DL Award Chart Overlay) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndindkdecihgobflcinpiliibhhlapib [2019-12-01] CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-03-31] CHR Extension: (Free Email Tracker by cloudHQ) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nknojfclnachdkpdkjbbhbkgpnladhnj [2021-01-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (FetLife Enhancer) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npiplmoaekhkgpppcgdafjkgdalojejo [2020-02-26] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-04-02] CHR Session Restore: Profile 2 -> is enabled. CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-02] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-02] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-02] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-02] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2021-03-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-04-02] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-27] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-04-02] CHR Notifications: Profile 3 -> hxxps://1.colorpicturedmode.me CHR DefaultSearchURL: Profile 3 -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Profile 3 -> duckduckgo.com CHR DefaultSuggestURL: Profile 3 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Session Restore: Profile 3 -> is enabled. CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-02] CHR Extension: (Simple Allow Copy) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aefehdhdciieocakfobpaaolhipkcpgc [2020-08-16] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-02] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-27] CHR Extension: (DuckDuckGo) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-04-02] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-02] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-02] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11] CHR Extension: (Copy Paste Pro) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\epgndihjbcepnbadocaoofjnfaophlio [2020-06-27] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-02] CHR Extension: (Converter for Excel) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\geenipmnncdadogjkpolcjpehkiohlej [2021-02-12] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16] CHR Extension: (Docs Creator) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\glidbdbacfjioedheokaociibpcijiha [2021-03-24] CHR Extension: (Multi Copy Paste) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ibmfjlooblljekheeocbbpjlgihajilb [2020-06-27] CHR Extension: (HiddenTools for Google Chrome™) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jhcdplpmjpchlfjfihdpimbakifjnnda [2020-07-18] CHR Extension: (Grammarly for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-31] CHR Extension: (Allow Select And Copy) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lamaakaemgdclpnfbofmhpkanfnojjch [2020-06-27] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Google Drawings) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2019-12-13] CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-03-31] CHR Extension: (Don't Fuck With Paste) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkgllhigpcljnhoakjkgaieabnkmgdkb [2020-06-27] CHR Extension: (Free Email Tracker by cloudHQ) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nknojfclnachdkpdkjbbhbkgpnladhnj [2021-01-02] CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2021-03-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (TeamViewer) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2019-12-11] CHR Extension: (Netflix Hidden Categories) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pajmfnmlmcknmehpcklomlblpdcpdmgg [2020-12-28] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4 [2021-04-02] CHR Session Restore: Profile 4 -> is enabled. CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-02] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-02] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-02] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-02] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16] CHR Extension: (Grammarly for Chrome) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-31] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-03-31] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (uBlock Plus Adblocker) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2020-01-02] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-27] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-24] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5 [2020-06-28] CHR Extension: (Slides) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-23] CHR Extension: (Docs) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-23] CHR Extension: (Google Drive) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-23] CHR Extension: (YouTube) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-23] CHR Extension: (Adobe Acrobat) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-23] CHR Extension: (Sheets) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-23] CHR Extension: (Google Docs Offline) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-23] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-06-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-23] CHR Extension: (Gmail) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-23] CHR Extension: (Chrome Media Router) - C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-23] CHR Profile: C:\Users\aemtp\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-30] CHR HKU\S-1-5-21-2352705691-491874430-4063245790-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> ) R2 BoxUpdateSvc; C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe [97616 2021-01-13] (Box, Inc. -> Box, Inc.) R2 BrAuSvc; C:\Program Files (x86)\Brother\BRPrintAuditor\Brsvau3a.exe [71712 2018-05-01] (Brother Industries, Ltd. -> brother Industries Ltd) R2 BRPA_Agent; C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe [161312 2018-05-01] (Brother Industries, Ltd. -> ) R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [595288 2019-03-21] (cFos Software GmbH -> cFos Software GmbH) R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142904 2021-02-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed] S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1677384 2020-08-12] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-26] (GOG Sp. z o.o. -> GOG.com) R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128920 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.) R2 MBAMService; d:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-31] (Malwarebytes Inc -> Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech) S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125664 2020-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 WBA_Agent_Client; C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe [3146576 2019-11-01] (Brother Industries, Ltd. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) R2 BlueStacksDrv_bgp64; C:\Program Files\BlueStacks_bgp64\BstkDrv_bgp64.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S2 BrPar; C:\Windows\SysWOW64\drivers\BrPar.sys [19537 2018-05-01] (Brother Industries Ltd.) [File not signed] S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [480272 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.) R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1595456 2019-03-21] (cFos Software GmbH -> cFos Software GmbH) R3 clwvd9; C:\WINDOWS\System32\drivers\clwvd9.sys [60984 2019-09-08] (CyberLink Corp. -> CyberLink Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-12-01] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R1 googledrivefs3301; C:\WINDOWS\System32\DRIVERS\googledrivefs3301.sys [132456 2020-11-17] (Google LLC -> Google, Inc.) S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-31] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-31] (Malwarebytes Inc -> Malwarebytes) R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2021-03-11] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation) S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2020-06-17] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 WLRAWMp50x64; C:\WINDOWS\System32\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWMp50x64; C:\Windows\SysWOW64\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\WINDOWS\System32\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\Windows\SysWOW64\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2016-06-15] (Splitmedialabs Limited -> SplitmediaLabs Limited) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-02 12:57 - 2021-04-02 12:57 - 000000000 ____D C:\Users\aemtp\Downloads\FRST-OlderVersion 2021-04-02 12:56 - 2021-04-02 12:56 - 000000000 __RDL C:\Users\aemtp\Box 2021-04-02 12:56 - 2021-04-02 12:56 - 000000000 ___HD C:\$AV_AVG 2021-03-31 16:45 - 2021-03-31 16:45 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-03-31 16:45 - 2021-03-31 16:45 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-03-31 16:45 - 2021-03-31 16:45 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-03-31 16:45 - 2021-03-31 16:45 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-03-31 16:45 - 2021-03-31 16:45 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-03-31 16:45 - 2021-03-31 16:45 - 000000976 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-03-31 16:45 - 2021-03-31 16:45 - 000000000 ____D C:\Users\aemtp\AppData\Local\mbam 2021-03-31 16:45 - 2021-03-31 16:45 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-03-31 16:43 - 2021-04-02 11:52 - 000000000 ____D C:\AdwCleaner 2021-03-30 20:20 - 2021-03-30 20:20 - 008534696 _____ (Malwarebytes) C:\Users\aemtp\Downloads\AdwCleaner.exe 2021-03-30 20:19 - 2021-03-30 20:19 - 002084016 _____ (Malwarebytes) C:\Users\aemtp\Downloads\MBSetup.exe 2021-03-30 19:22 - 2021-03-30 19:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-03-30 12:17 - 2021-04-02 12:59 - 000000000 ____D C:\Users\aemtp\Desktop\virus scan 2021-03-30 12:15 - 2021-03-30 12:16 - 000160385 _____ C:\Users\aemtp\Downloads\Addition.txt 2021-03-30 12:13 - 2021-04-02 13:00 - 000000000 ____D C:\FRST 2021-03-30 12:13 - 2021-04-02 12:57 - 000000393 _____ C:\Users\aemtp\Downloads\FRST.txt 2021-03-29 23:47 - 2021-03-29 23:47 - 000123957 _____ C:\Users\aemtp\Downloads\Florida Land Trust - 2020 (2).pdf 2021-03-29 23:47 - 2021-03-29 23:47 - 000123957 _____ C:\Users\aemtp\Downloads\Florida Land Trust - 2020 (1).pdf 2021-03-29 11:57 - 2021-03-29 11:57 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\AVG 2021-03-29 11:56 - 2021-03-29 11:56 - 000053616 _____ () C:\WINDOWS\system32\Drivers\staport.sys 2021-03-29 11:55 - 2021-03-29 11:55 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw4b0c4acbc4f029df.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000524544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswb9a08bc49eb1dd0d.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000466808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw283d75214625d12e.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000365592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswd35ee59496dd0c8a.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2021-03-29 11:55 - 2021-03-29 11:55 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswed71c87c035442df.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000250392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw8ad8069a9c016236.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000216488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw99b3cb18f36afa93.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000208688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw67fc997623db1cca.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000178000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw4477054a23f32c17.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw1cd0838a14a0562a.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000099376 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa2a73b537aa7038e.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa999eea98712beef.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000041416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswdd4f6c06fcd545f0.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa1581da92070e9a3.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswab10d82ed2e7dee5.tmp 2021-03-29 11:55 - 2021-03-29 11:55 - 000000000 ____D C:\Program Files\Common Files\AVG 2021-03-29 11:54 - 2021-04-02 12:52 - 000000000 ____D C:\ProgramData\AVG 2021-03-29 11:54 - 2021-03-29 11:54 - 000259344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\aemtp\Downloads\avg_antivirus_free_setup.exe 2021-03-29 04:03 - 2021-03-29 04:03 - 001584807 _____ C:\Users\aemtp\AppData\Local\census.cache 2021-03-29 04:03 - 2021-03-29 04:03 - 000521751 _____ C:\Users\aemtp\AppData\Local\ars.cache 2021-03-28 18:31 - 2021-03-28 18:31 - 003333944 _____ (Trend Micro Inc.) C:\Users\aemtp\Downloads\HousecallLauncher64.exe 2021-03-28 18:31 - 2021-03-28 18:31 - 000000036 _____ C:\Users\aemtp\AppData\Local\housecall.guid.cache 2021-03-28 14:45 - 2021-03-28 14:45 - 000314356 _____ C:\Users\aemtp\Downloads\combinepdf.pdf 2021-03-28 14:41 - 2021-03-28 14:41 - 000309770 _____ C:\Users\aemtp\Documents\scan006.pdf 2021-03-28 14:39 - 2021-03-28 14:39 - 000007022 _____ C:\Users\aemtp\Documents\LLC, Investment Club, or Partnership Account Application-TDA 0321.pdf 2021-03-27 15:23 - 2021-03-27 15:23 - 000000194 _____ C:\Users\aemtp\Downloads\notarypublic 2021-03-27 11:13 - 2021-03-27 11:13 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-03-26 19:24 - 2021-03-26 19:24 - 000118274 _____ C:\Users\aemtp\Downloads\Assignment of Personal Property to Trust.pdf 2021-03-26 19:24 - 2021-03-26 19:24 - 000038139 _____ C:\Users\aemtp\Downloads\Assignment of Stock to Living Trust.pdf 2021-03-26 19:23 - 2021-03-26 19:23 - 000254096 _____ C:\Users\aemtp\Downloads\Auto Trust.pdf 2021-03-25 07:18 - 2021-03-25 07:20 - 769049744 _____ C:\Users\aemtp\Downloads\FR3T-14D544-AN.zip 2021-03-24 16:34 - 2021-03-24 16:34 - 000000671 _____ C:\Users\aemtp\Downloads\DataGridExport_Mar24_16.34.45.csv 2021-03-20 17:23 - 2021-03-20 17:23 - 002603783 _____ C:\Users\aemtp\Downloads\2372027_432144.pdf 2021-03-20 16:50 - 2021-03-20 16:50 - 003147033 _____ C:\Users\aemtp\Downloads\7000136076.pdf 2021-03-19 21:00 - 2021-03-19 21:00 - 000473411 _____ C:\Users\aemtp\Downloads\03300549402_2021-03-19.pdf 2021-03-16 16:20 - 2021-03-16 16:20 - 001255034 _____ C:\Users\aemtp\Desktop\scan004.pdf 2021-03-16 11:24 - 2021-03-16 11:24 - 000000045 _____ C:\WINDOWS\WF-3520.ini 2021-03-16 11:24 - 2021-03-16 11:24 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\Leadertech 2021-03-16 11:22 - 2021-03-16 11:22 - 000000000 ____D C:\Program Files\EpsonNet 2021-03-16 11:22 - 2021-03-16 11:22 - 000000000 ____D C:\Program Files\EPSON 2021-03-16 11:22 - 2011-08-30 13:40 - 000535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2021-03-16 11:22 - 2011-08-30 13:40 - 000535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2021-03-16 11:22 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2021-03-16 11:22 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2021-03-16 11:22 - 2011-08-01 18:24 - 000250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll 2021-03-16 11:22 - 2011-08-01 18:24 - 000250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll 2021-03-16 11:20 - 2011-04-19 02:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJJE.DLL 2021-03-16 11:20 - 2011-03-14 02:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJJE.DLL 2021-03-16 11:20 - 2007-04-10 00:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL 2021-03-16 11:16 - 2021-03-16 11:16 - 152151992 _____ C:\Users\aemtp\Downloads\epson15709.exe 2021-03-15 22:22 - 2021-03-15 22:22 - 000040130 _____ C:\Users\aemtp\Downloads\HUD Settlement Statement for 21-0152EY.pdf 2021-03-15 21:26 - 2021-03-15 21:26 - 000968839 _____ C:\Users\aemtp\Downloads\Collier-County-Real-Estate-62424080000-2020-Annual-bill.pdf 2021-03-14 13:54 - 2021-03-14 13:54 - 000218099 _____ C:\Users\aemtp\Desktop\PLITSTR126 REV K MagMounts.pdf 2021-03-12 18:35 - 2021-03-12 18:35 - 000124628 _____ C:\Users\aemtp\Downloads\014907.tif 2021-03-12 18:35 - 2021-03-12 18:35 - 000124628 _____ C:\Users\aemtp\Downloads\014907 (1).tif 2021-03-11 01:23 - 2021-03-11 01:23 - 000001399 _____ C:\ProgramData\Desktop\Caesar 3.lnk 2021-03-11 01:23 - 2021-03-11 01:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caesar 3 [GOG.com] 2021-03-11 00:55 - 2021-03-11 00:55 - 016777216 _____ C:\bios.bin 2021-03-11 00:48 - 2021-03-11 00:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-11 00:48 - 2021-03-11 00:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-11 00:48 - 2021-03-11 00:48 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-11 00:48 - 2021-03-11 00:48 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-11 00:48 - 2021-03-11 00:48 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-11 00:48 - 2021-03-11 00:48 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-11 00:48 - 2021-03-11 00:48 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-11 00:48 - 2021-03-11 00:48 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-11 00:48 - 2021-03-11 00:48 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-11 00:48 - 2021-03-11 00:48 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-11 00:48 - 2021-03-11 00:48 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-11 00:41 - 2021-03-11 00:41 - 000000000 ____D C:\Users\aemtp\AppData\Local\WhatsApp 2021-03-11 00:40 - 2021-03-11 00:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-03-11 00:10 - 2021-03-11 00:10 - 000010752 _____ C:\WINDOWS\SetupAfterRebootService.exe 2021-03-11 00:05 - 2021-04-02 00:11 - 000002586 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine 2021-03-11 00:03 - 2021-03-11 00:03 - 000017424 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.sys 2021-03-11 00:03 - 2021-03-11 00:03 - 000002166 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk 2021-03-11 00:03 - 2021-03-11 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS 2021-03-10 23:51 - 2019-12-19 03:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2021-03-10 23:48 - 2021-03-10 23:48 - 000000000 ____D C:\Users\aemtp\Documents\Avatar 2021-03-10 21:29 - 2021-03-10 21:31 - 000019701 _____ C:\Users\aemtp\Documents\covid get out.jfif 2021-03-10 21:29 - 2021-03-10 21:29 - 000349815 _____ C:\Users\aemtp\Documents\covid get out.html 2021-03-10 21:07 - 2021-03-10 21:07 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\CyberLink 2021-03-10 21:06 - 2021-03-10 21:06 - 000000000 ____D C:\ProgramData\Documents\Cyberlink 2021-03-10 20:59 - 2021-04-02 12:56 - 000000000 ____D C:\Users\aemtp\Documents\YouCam 2021-03-10 20:59 - 2021-03-10 20:59 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 9.lnk 2021-03-10 20:59 - 2021-03-10 20:59 - 000002194 _____ C:\ProgramData\Desktop\CyberLink YouCam 9.lnk 2021-03-10 20:59 - 2021-03-10 20:59 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 9 Mirror.lnk 2021-03-10 20:59 - 2021-03-10 20:59 - 000000000 ____D C:\Users\aemtp\AppData\Local\CyberLink 2021-03-10 20:59 - 2021-03-10 20:59 - 000000000 ____D C:\ProgramData\install_clap 2021-03-10 20:59 - 2021-03-10 20:59 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information 2021-03-10 20:59 - 2021-03-10 20:59 - 000000000 ____D C:\Program Files (x86)\CyberLink 2021-03-10 20:59 - 2019-09-08 17:03 - 000060984 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd9.sys 2021-03-10 20:57 - 2021-03-10 21:01 - 000000000 ____D C:\ProgramData\CyberLink 2021-03-10 20:57 - 2021-03-10 20:57 - 001164032 _____ (CyberLink) C:\Users\aemtp\Downloads\CyberLink_YouCam_Downloader.exe 2021-03-10 15:21 - 2021-03-10 15:21 - 000319550 _____ C:\Users\aemtp\Downloads\AssessmentForm (2).pdf 2021-03-10 15:21 - 2021-03-10 15:21 - 000290453 _____ C:\Users\aemtp\Downloads\Refusal (2).pdf 2021-03-10 14:55 - 2021-03-10 14:55 - 000292983 _____ C:\Users\aemtp\Downloads\Refusal (1).pdf 2021-03-10 14:52 - 2021-03-10 14:52 - 000309201 _____ C:\Users\aemtp\Downloads\AssessmentForm.pdf 2021-03-10 14:52 - 2021-03-10 14:52 - 000309201 _____ C:\Users\aemtp\Downloads\AssessmentForm (1).pdf 2021-03-10 14:51 - 2021-03-10 14:51 - 000292983 _____ C:\Users\aemtp\Downloads\Refusal.pdf 2021-03-08 16:16 - 2021-03-08 16:16 - 003742177 _____ C:\Users\aemtp\Downloads\Report-728 108th Avenue N (1).pdf 2021-03-08 16:11 - 2021-03-08 16:11 - 003742211 _____ C:\Users\aemtp\Downloads\Report-728 108th Avenue N.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-02 12:57 - 2019-12-01 18:52 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-02 12:56 - 2020-12-30 12:26 - 000001301 _____ C:\Users\aemtp\Desktop\Box.lnk 2021-04-02 12:56 - 2020-08-31 21:02 - 000000000 ____D C:\Users\aemtp 2021-04-02 12:56 - 2020-08-31 01:37 - 000000000 ____D C:\Users\aemtp\AppData\Local\AtHomeVideoStreamer 2021-04-02 12:56 - 2020-06-30 14:43 - 000000000 ___RD C:\Users\aemtp\Google Drive (yallarealty1@gmail.com) 2021-04-02 12:56 - 2019-12-31 02:42 - 000000000 ___RD C:\Users\aemtp\Google Drive 2021-04-02 12:56 - 2019-12-01 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2021-04-02 12:55 - 2020-08-31 21:13 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-02 12:55 - 2020-08-17 09:54 - 000000059 _____ C:\WINDOWS\SysWOW64\BRAgent.dat 2021-04-02 12:55 - 2019-12-08 04:28 - 000000000 ____D C:\Temp 2021-04-02 12:55 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-02 12:55 - 2019-12-02 08:57 - 000000000 ____D C:\ProgramData\EPSON 2021-04-02 12:55 - 2019-12-01 18:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-04-02 12:54 - 2020-08-31 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-02 12:54 - 2020-01-28 20:43 - 000000658 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2352705691-491874430-4063245790-1001.job 2021-04-02 12:54 - 2020-01-28 20:43 - 000000562 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2352705691-491874430-4063245790-1001.job 2021-04-02 12:54 - 2019-12-06 09:58 - 000000420 _____ C:\WINDOWS\Tasks\update-sys.job 2021-04-02 12:54 - 2019-12-06 09:58 - 000000420 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2352705691-491874430-4063245790-1001.job 2021-04-02 12:52 - 2020-08-31 22:06 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs 2021-04-02 12:52 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-02 11:52 - 2020-06-29 17:54 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\discord 2021-04-02 11:52 - 2019-12-19 16:52 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\IObit 2021-04-02 11:50 - 2020-08-31 21:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-02 10:55 - 2021-01-14 20:47 - 000000000 ____D C:\Program Files\thinkorswim 2021-04-02 00:15 - 2019-12-01 17:31 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-02 00:15 - 2019-12-01 17:31 - 000002220 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-04-02 00:11 - 2021-01-23 16:48 - 000002604 _____ C:\WINDOWS\system32\Tasks\EasySettingBox 2021-04-02 00:11 - 2020-08-31 21:16 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-04-02 00:11 - 2020-08-31 21:16 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-02 00:11 - 2020-08-31 21:16 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-02 00:11 - 2020-08-31 21:16 - 000003252 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2352705691-491874430-4063245790-1001 2021-04-02 00:11 - 2020-08-31 21:16 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-02 00:11 - 2020-08-31 21:16 - 000003156 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2352705691-491874430-4063245790-1001 2021-04-02 00:11 - 2020-08-31 21:16 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-02 00:11 - 2020-08-31 21:16 - 000003052 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-2352705691-491874430-4063245790-1001 2021-04-02 00:11 - 2020-08-31 21:16 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002964 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper 2021-04-02 00:11 - 2020-08-31 21:16 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002882 _____ C:\WINDOWS\system32\Tasks\TinyTakeUpgrade 2021-04-02 00:11 - 2020-08-31 21:16 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2352705691-491874430-4063245790-1001 2021-04-02 00:11 - 2020-08-31 21:16 - 000002824 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate 2021-04-02 00:11 - 2020-08-31 21:16 - 000002800 _____ C:\WINDOWS\system32\Tasks\update-sys 2021-04-02 00:11 - 2020-08-31 21:16 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-02 00:11 - 2020-08-31 21:16 - 000002602 _____ C:\WINDOWS\system32\Tasks\EasyTune 1 2021-04-02 00:11 - 2020-08-31 21:16 - 000002600 _____ C:\WINDOWS\system32\Tasks\Motorola Device Manager Update 2021-04-02 00:11 - 2020-08-31 21:16 - 000002562 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler 2021-04-02 00:11 - 2020-08-31 21:16 - 000002502 _____ C:\WINDOWS\system32\Tasks\EasyTune 2021-04-02 00:11 - 2020-08-31 21:16 - 000002492 _____ C:\WINDOWS\system32\Tasks\SIV-VGA 2021-04-02 00:11 - 2020-08-31 21:16 - 000002486 _____ C:\WINDOWS\system32\Tasks\SIV 2021-04-02 00:11 - 2020-08-31 21:16 - 000002424 _____ C:\WINDOWS\system32\Tasks\Motorola Device Manager Initial Update 2021-04-02 00:11 - 2020-08-31 21:16 - 000002390 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(aemtp) 2021-04-01 21:48 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-01 21:48 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-01 21:00 - 2021-01-14 20:50 - 000000000 ____D C:\Users\aemtp\.thinkorswim 2021-04-01 01:31 - 2020-01-12 23:43 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2021-04-01 01:09 - 2019-12-01 18:17 - 000000000 ____D C:\Users\aemtp\AppData\Local\D3DSCache 2021-03-31 16:45 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2021-03-30 14:21 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF 2021-03-27 11:13 - 2020-07-18 20:02 - 000001972 _____ C:\Users\aemtp\Desktop\Zoom.lnk 2021-03-27 11:13 - 2020-06-15 17:03 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\Zoom 2021-03-26 18:42 - 2020-06-17 12:26 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-03-26 18:42 - 2020-06-17 12:26 - 000002236 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-03-26 13:37 - 2019-12-29 03:04 - 000000000 ____D C:\Users\aemtp\AppData\Local\Pushbullet 2021-03-25 13:06 - 2020-01-28 20:43 - 000000000 ____D C:\Users\aemtp\AppData\Local\GoToMeeting 2021-03-24 00:22 - 2019-12-31 02:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-03-16 15:00 - 2019-12-30 23:21 - 000000000 ____D C:\Users\aemtp\AppData\Local\ElevatedDiagnostics 2021-03-16 15:00 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-03-16 14:52 - 2020-08-31 21:21 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-03-16 14:50 - 2020-08-17 16:46 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\EPSON 2021-03-16 11:24 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-03-16 11:22 - 2020-08-21 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2021-03-16 11:22 - 2019-12-09 05:57 - 000001003 _____ C:\ProgramData\Desktop\EPSON Scan.lnk 2021-03-16 11:22 - 2019-12-09 05:57 - 000000000 ____D C:\Program Files (x86)\epson 2021-03-16 11:22 - 2019-12-06 18:57 - 000000000 ____D C:\Program Files (x86)\EPSON Software 2021-03-16 11:22 - 2019-12-02 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2021-03-16 11:22 - 2019-12-01 17:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-03-16 02:24 - 2019-12-02 08:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-03-15 15:26 - 2020-08-31 21:02 - 000002404 _____ C:\Users\aemtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-03-15 15:26 - 2019-12-01 16:59 - 000000000 ___RD C:\Users\aemtp\OneDrive 2021-03-11 00:51 - 2020-08-31 21:13 - 000594056 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-03-11 00:51 - 2020-03-25 16:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ImmersiveControlPanel 2021-03-11 00:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-11 00:50 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-03-11 00:44 - 2019-12-02 09:11 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-11 00:41 - 2020-07-26 09:51 - 000002240 _____ C:\Users\aemtp\Desktop\WhatsApp.lnk 2021-03-11 00:41 - 2020-07-26 09:51 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\WhatsApp 2021-03-11 00:41 - 2020-07-26 09:51 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-03-11 00:41 - 2019-12-06 21:34 - 000000000 ____D C:\Users\aemtp\AppData\Local\SquirrelTemp 2021-03-11 00:41 - 2019-12-02 09:11 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-03-11 00:40 - 2020-03-25 16:22 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-11 00:40 - 2020-03-25 16:22 - 000000953 _____ C:\ProgramData\Desktop\Firefox.lnk 2021-03-11 00:40 - 2020-03-25 16:22 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-03-11 00:39 - 2019-12-19 16:52 - 000000000 ____D C:\ProgramData\ProductData 2021-03-11 00:10 - 2019-12-01 17:27 - 000000000 ___HD C:\Program Files (x86)\Temp 2021-03-11 00:05 - 2019-12-02 07:57 - 000000000 ____D C:\Users\aemtp\AppData\Local\CrashDumps 2021-03-11 00:05 - 2019-12-01 17:13 - 000000000 ____D C:\Program Files (x86)\GIGABYTE 2021-03-11 00:03 - 2020-06-17 13:16 - 000000000 ____D C:\Program Files\ENE 2021-03-11 00:03 - 2019-12-01 17:13 - 000000000 ____D C:\Users\aemtp\AppData\Local\Downloaded Installations 2021-03-11 00:03 - 2019-12-01 17:13 - 000000000 ____D C:\ProgramData\Package Cache 2021-03-11 00:02 - 2019-12-10 11:47 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-03-10 23:54 - 2019-12-01 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2021-03-10 23:54 - 2019-12-01 17:35 - 000005613 _____ C:\WINDOWS\SysWOW64\Upgrade_Saved_Config.txt 2021-03-10 23:54 - 2019-12-01 17:35 - 000000408 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt 2021-03-10 23:54 - 2019-12-01 17:22 - 000000000 ____D C:\Program Files\Intel 2021-03-10 23:53 - 2019-12-01 17:22 - 000000000 ____D C:\Program Files (x86)\Intel 2021-03-10 22:56 - 2021-01-13 20:31 - 000000000 ____D C:\Users\aemtp\AppData\LocalLow\WebEx 2021-03-10 22:56 - 2021-01-13 20:31 - 000000000 ____D C:\Users\aemtp\AppData\Local\WebEx 2021-03-10 20:54 - 2021-01-13 20:32 - 000000000 ____D C:\Users\aemtp\AppData\Roaming\webex 2021-03-06 18:56 - 2020-06-24 17:58 - 000000000 ____D C:\Users\aemtp\Documents\Zoom ==================== Files in the root of some directories ======== 2021-03-29 04:03 - 2021-03-29 04:03 - 000521751 _____ () C:\Users\aemtp\AppData\Local\ars.cache 2021-03-29 04:03 - 2021-03-29 04:03 - 001584807 _____ () C:\Users\aemtp\AppData\Local\census.cache 2021-03-28 18:31 - 2021-03-28 18:31 - 000000036 _____ () C:\Users\aemtp\AppData\Local\housecall.guid.cache 2020-06-27 12:56 - 2020-06-27 12:56 - 000004096 ____H () C:\Users\aemtp\AppData\Local\keyfile3.drm 2019-12-08 05:41 - 2020-01-02 15:54 - 000012636 _____ () C:\Users\aemtp\AppData\Local\PlariumPlay.log 2019-12-29 18:36 - 2019-12-29 18:36 - 000007605 _____ () C:\Users\aemtp\AppData\Local\Resmon.ResmonCfg 2019-12-06 09:58 - 2019-12-06 09:58 - 000000003 _____ () C:\Users\aemtp\AppData\Local\updater.log 2019-12-06 09:58 - 2019-12-06 10:00 - 000000424 _____ () C:\Users\aemtp\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================