Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-09-2021 Ran by krueg_000 (administrator) on KRUEGER (Dell Inc. XPS 12-9Q33) (19-09-2021 13:54:14) Running from C:\Users\krueg_000\OneDrive\Desktop\Anti-virus gear Loaded Profiles: krueg_000 Platform: Windows 10 Home Version 20H2 19042.1237 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Wireless Display -> Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\updateui.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\krueg_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-08] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RtHDVBg_MA3Firmware] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKU\S-1-5-21-2550471563-1257076527-2971406527-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25624208 2017-11-10] (Google Inc -> Google) HKU\S-1-5-21-2550471563-1257076527-2971406527-1001\...\Run: [0F6421E269616DEEA6FF88A7BC7FC248079E5352._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-2550471563-1257076527-2971406527-1001\...\Run: [MicrosoftEdgeAutoLaunch_38A5A74C0F574CCAB915AEF4FDB30067] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\WINDOWS\system32\hpinkstsC511LM.dll [333496 2013-01-25] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {0E2825D2-0C1D-411C-918B-39735947DBB1} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [704824 2013-03-01] (Intel Corporation -> Intel) Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {204DB95F-E364-4C00-8E6F-73920F42073F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {23A5C104-67C6-46F2-A56E-92D809EDF88D} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [6762544 2012-07-09] (Dell Inc. -> Dell, Inc.) Task: {26402EE7-8AEC-4B8B-873A-5436C4114B76} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4167080 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated) Task: {2A872666-9849-44B6-ADF4-CC9C4C9EFD70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {4B29DC52-C765-4E1F-B06F-E2F85489CB35} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT-KB890830.exe [133326408 2017-12-25] (Microsoft Corporation -> Microsoft Corporation) Task: {4C1CB5E4-059F-4211-8A64-5D6E214CCB1F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-03-08] (Intel® Services Manager -> Intel Corporation) Task: {62E83378-ADB9-41C0-B3E6-C4770DBD82CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc -> Google Inc.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {9588A41A-DABE-470E-A95C-8E65CC3F1DAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc -> Google Inc.) Task: {95B34C76-E17F-4602-8804-29DEA9BBF53D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {9A49AC95-37CB-48E2-92B9-0AEDC5FE9819} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9C13FAC4-4897-4753-954F-00A277365FF3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {A73D296B-BC0D-4632-899B-DDADEEA2F73A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-03-08] (Intel® Services Manager -> Intel Corporation) Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CF656F28-96E3-448B-9826-999C5E565B0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D4201702-8AAC-4FBF-95A1-E6037529C9D8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {DBC7CDB5-F34B-4E88-BC09-23631BC394F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1140624 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {DFF2716A-9978-4791-98AE-2BF5C363692A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {E45627EC-4364-4090-ACA7-4140DFA7A344} - System32\Tasks\GoogleUpdateTaskMachineCore1d7365d9a2ebf11 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc -> Google Inc.) Task: {EB0D06F9-E5EE-409E-9D5B-C3FCD0A90552} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{3b952fb4-d066-4581-a0db-ea39b29d30d0}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\krueg_000\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-19] FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN) [File not signed] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default [2021-09-19] CHR Notifications: Default -> hxxps://meet.google.com; hxxps://padlet.com; hxxps://www.youtube.com CHR HomePage: Default -> hxxp://www.wvhs204.org/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Floorplanner) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2020-05-24] CHR Extension: (Docs) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23] CHR Extension: (Google Drive) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (Skype Calling) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2020-05-24] CHR Extension: (YouTube) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14] CHR Extension: (Google Search) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-21] CHR Extension: (InsertLearning) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehajjkfchegiinhcmoclkfbnmpgcahj [2021-05-09] CHR Extension: (The QR Code Generator) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2020-05-24] CHR Extension: (Google Docs Offline) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-07] CHR Extension: (Video Recorder for WeVideo) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiglpeefdoagfbbfhjfbmomnfobojia [2020-05-24] CHR Extension: (Grammarly for Chrome) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-19] CHR Extension: (Pocket Must Reads) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnnopicjonfamklpcdfnbcomdlopmof [2020-05-24] CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2021-09-18] CHR Extension: (Save to Pocket) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2020-11-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31] CHR Extension: (Pear Deck Power-Up) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\paijmjmfnjcbjlimjeminlepannmimbi [2021-06-05] CHR Extension: (Gmail) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24] CHR Profile: C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-19] CHR Profile: C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-18] CHR Extension: (Slides) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-23] CHR Extension: (Docs) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-23] CHR Extension: (Google Drive) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-23] CHR Extension: (YouTube) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-23] CHR Extension: (Sheets) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-23] CHR Extension: (Google Docs Offline) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-23] CHR Extension: (Gmail) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-23] CHR Extension: (Chrome Media Router) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-09] CHR Profile: C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-09-18] CHR HomePage: Profile 2 -> hxxp://wvhs204.org/ CHR StartupUrls: Profile 2 -> "hxxp://wvhs204.org/","hxxps://espipe.sungardk12saas.com/TAC/Account/LogOn?ReturnUrl=%2fTAC" CHR Extension: (Slides) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-12] CHR Extension: (QR Code Generator) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\afpbjjgbdimpioenaedcjgkaigggcdpp [2021-08-29] CHR Extension: (Mobility Print) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\alhngdkjgnedakdlnamimgfihgkmenbh [2021-08-29] CHR Extension: (Docs) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-12] CHR Extension: (Google Drive) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-12] CHR Extension: (Newsela) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfpeiapdhnegnfcfkdfihabadngjagfj [2021-08-29] CHR Extension: (YouTube) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-12] CHR Extension: (School Video Recorder for Google Drive) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boohghjaeankjfihomdfhimfgifblngd [2021-08-29] CHR Extension: (Gopher Buddy) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cgbbbjmgdpnifijconhamggjehlamcif [2021-08-29] CHR Extension: (InsertLearning) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dehajjkfchegiinhcmoclkfbnmpgcahj [2021-08-29] CHR Extension: (Lightspeed User Agent) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eodeiibdcpipgedfgkolnhajjdokejdh [2021-08-29] [UpdateUrl:hxxp://lightspeed-apps.s3.amazonaws.com/chrome/user_agent/ChromeUserAgent.xml] <==== ATTENTION CHR Extension: (OrbitDoc) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\feepmdlmhplaojabeoecaobfmibooaid [2021-09-18] CHR Extension: (Sheets) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-12] CHR Extension: (Google Docs Offline) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-12] CHR Extension: (Google Keep - Notes and Lists) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-09-18] CHR Extension: (Video Recorder for WeVideo) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iaiglpeefdoagfbbfhjfbmomnfobojia [2021-08-29] CHR Extension: (Bomgar Remote Support) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ipfljipbjloahhabacnofonhfbddnajm [2021-08-29] CHR Extension: (Grammarly for Chrome) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-07] CHR Extension: (Zoom Scheduler) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-09-01] CHR Extension: (Google Keep Chrome Extension) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-09-18] CHR Extension: (Google Classroom) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2021-08-31] CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2021-09-18] CHR Extension: (Chrome Web Store Payments) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-12] CHR Extension: (Draftback) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nnajoiemfpldioamchanognpjmocgkbg [2021-08-29] CHR Extension: (WordReference Extension) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ofnmflhedfocnfnoafgcojkllnmdipoj [2021-08-29] CHR Extension: (Texthelp PDF Reader App) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohfjebjepnlldifcbcfmopifaebcjehc [2021-08-29] CHR Extension: (Print Friendly & PDF) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2021-08-29] CHR Extension: (Video Editor for Chromebook & more: Free app) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2021-08-29] CHR Extension: (Pear Deck Power-Up) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\paijmjmfnjcbjlimjeminlepannmimbi [2021-08-29] CHR Extension: (Gmail) - C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-12] CHR Profile: C:\Users\krueg_000\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-19] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-03-15] (Intel Wireless Display -> Intel) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> ) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-18] (Malwarebytes Inc -> Malwarebytes) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation) S2 DellDigitalDelivery; "c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [165344 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 hswultpep; C:\WINDOWS\System32\drivers\hswultpep.sys [62968 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation) S3 iaLPSS_UART; C:\WINDOWS\System32\drivers\iaLPSS_UART.sys [142840 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-19] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-09-18] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207256 2013-03-15] (Intel Wireless Display -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-12] (Microsoft Windows -> Microsoft Corporation) S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-06-18] (Intel(R) Smart Connect software -> ) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-09-19 13:43 - 2021-09-19 13:43 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2021-09-19 13:40 - 2021-09-19 13:40 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-09-19 13:40 - 2021-09-19 13:40 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-09-19 13:40 - 2021-09-19 13:40 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-09-18 15:28 - 2021-09-18 15:28 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-09-18 15:28 - 2021-09-18 15:28 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-09-18 15:28 - 2021-09-18 15:28 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-09-18 15:28 - 2021-09-18 15:28 - 000000000 ____D C:\Users\krueg_000\AppData\Local\mbam 2021-09-18 15:28 - 2021-09-18 15:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-09-18 15:28 - 2021-09-18 15:27 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-09-18 15:27 - 2021-09-18 15:27 - 002101944 _____ (Malwarebytes) C:\Users\krueg_000\Downloads\MBSetup-10789.10789-consumer (3).exe 2021-09-18 15:27 - 2021-09-18 15:27 - 002101944 _____ (Malwarebytes) C:\Users\krueg_000\Downloads\MBSetup-10789.10789-consumer (2).exe 2021-09-18 15:27 - 2021-09-18 15:27 - 000000000 ____D C:\Program Files\Malwarebytes 2021-09-18 15:26 - 2021-09-18 15:26 - 002101944 _____ (Malwarebytes) C:\Users\krueg_000\Downloads\MBSetup-10789.10789-consumer.exe 2021-09-18 15:26 - 2021-09-18 15:26 - 002101944 _____ (Malwarebytes) C:\Users\krueg_000\Downloads\MBSetup-10789.10789-consumer (1).exe 2021-09-17 18:55 - 2021-09-17 18:55 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-09-17 18:55 - 2021-09-17 18:55 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-09-17 18:55 - 2021-09-17 18:55 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-09-17 18:55 - 2021-09-17 18:55 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-09-17 18:55 - 2021-09-17 18:55 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-09-17 18:55 - 2021-09-17 18:55 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-09-17 18:55 - 2021-09-17 18:55 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-09-17 18:55 - 2021-09-17 18:55 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-09-17 18:55 - 2021-09-17 18:55 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-09-17 18:55 - 2021-09-17 18:55 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-09-17 18:55 - 2021-09-17 18:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-09-17 18:55 - 2021-09-17 18:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2021-09-17 18:55 - 2021-09-17 18:55 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2021-09-17 18:55 - 2021-09-17 18:55 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-09-17 18:55 - 2021-09-17 18:55 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-09-17 18:54 - 2021-09-17 18:54 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-09-17 18:54 - 2021-09-17 18:54 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-09-17 18:54 - 2021-09-17 18:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-09-17 18:54 - 2021-09-17 18:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-09-17 18:54 - 2021-09-17 18:54 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-09-17 18:43 - 2021-09-17 18:43 - 000000000 ___HD C:\$WinREAgent 2021-09-15 23:52 - 2021-09-19 13:54 - 000000000 ____D C:\FRST 2021-08-29 17:20 - 2021-08-29 17:20 - 000000000 ____D C:\Users\krueg_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-09-19 13:55 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-19 13:49 - 2021-03-01 01:49 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{203598EA-E27F-4818-8B3B-097F45E5FCFE} 2021-09-19 13:45 - 2021-03-01 01:52 - 001776288 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-09-19 13:45 - 2021-02-28 14:50 - 000788518 _____ C:\WINDOWS\system32\perfh00A.dat 2021-09-19 13:45 - 2021-02-28 14:50 - 000155960 _____ C:\WINDOWS\system32\perfc00A.dat 2021-09-19 13:45 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF 2021-09-19 13:44 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-09-19 13:44 - 2016-06-04 22:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-09-19 13:44 - 2016-06-04 20:44 - 000000000 __SHD C:\Users\krueg_000\IntelGraphicsProfiles 2021-09-19 13:44 - 2014-06-23 20:14 - 000000000 ____D C:\Program Files (x86)\Google 2021-09-19 13:40 - 2021-03-01 01:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-09-19 13:40 - 2021-03-01 01:40 - 000008192 ___SH C:\DumpStack.log.tmp 2021-09-19 13:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-09-19 13:40 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-09-19 13:40 - 2016-06-05 16:25 - 000000000 ____D C:\Program Files (x86)\Dell 2021-09-19 13:40 - 2013-11-30 17:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-09-19 13:40 - 2013-11-30 17:31 - 000000000 ____D C:\ProgramData\Dell 2021-09-19 13:40 - 2013-11-30 17:31 - 000000000 ____D C:\Program Files\Dell 2021-09-19 13:29 - 2021-03-01 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-09-18 15:28 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-09-18 15:28 - 2014-06-23 21:53 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-09-18 15:28 - 2014-06-23 21:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-09-18 15:14 - 2014-06-23 21:24 - 000000000 ____D C:\AdwCleaner 2021-09-18 15:06 - 2021-03-01 01:40 - 000442144 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-09-18 15:05 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-09-18 15:05 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing 2021-09-18 14:58 - 2014-06-23 19:51 - 000000000 ____D C:\Users\krueg_000\AppData\Local\Packages 2021-09-18 14:55 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-09-18 13:49 - 2020-07-15 07:28 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-09-17 18:59 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-09-17 18:43 - 2014-07-07 12:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-09-17 18:39 - 2014-07-07 12:12 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-09-15 19:34 - 2014-07-21 20:50 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-09-12 20:28 - 2020-05-24 12:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-09-07 23:45 - 2021-03-01 01:49 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2550471563-1257076527-2971406527-1001 2021-09-07 23:45 - 2021-02-28 15:21 - 000002436 _____ C:\Users\krueg_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-09-05 21:11 - 2020-09-29 20:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-30 20:47 - 2016-08-10 22:12 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-08-25 18:18 - 2014-06-23 20:02 - 000000000 ____D C:\Program Files\Microsoft Office 15 ==================== FLock ============================== 2013-11-30 18:04 C:\System Recovery ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================