Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021 Ran by erine (administrator) on DESKTOP-0OR6TUF (Dell Inc. Inspiron 3670) (22-09-2021 10:23:15) Running from C:\Users\erine\Desktop Loaded Profiles: erine Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Meraki, LLC. -> Meraki, Inc.) C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\erine\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\erine\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7> (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3> (Thesycon Software Solutions GmbH & Co. KG -> ) C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [340480 2018-07-25] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe [1237696 2020-12-06] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8091424 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft) [File not signed] HKLM-x32\...\Run: [LeapFrog Connect 2 Launcher] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFLauncher.exe [30320 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\erine\AppData\Local\WebEx\ciscowebexstart.exe [2499800 2021-02-25] (Cisco WebEx LLC -> Cisco Webex LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2020-04-01] ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Positive Grid USB Audio Device Control Panel Autostart.lnk [2021-07-29] ShortcutTarget: Positive Grid USB Audio Device Control Panel Autostart.lnk -> C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> ) Startup: C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-05-20] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {003CFD9A-971D-4B9A-A2A5-057ECC235A2F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3707107645-3133845480-1438675409-1001 => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {11C369DA-8429-4770-97FE-B0E2B7D2A5F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {137913B0-BA06-4AF2-9D39-15C9D262E643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1BE86C00-AA40-4497-BE7C-CD3F3DBA242A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) Task: {23AFBA10-96F1-44A1-9DBF-C6F90AC0435E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.) Task: {35FF5702-C0A4-4C79-AFAE-DF3F5794D2D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {361A9B78-F48C-4CF9-AADB-2C588162FAC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation) Task: {3E8CF46C-9899-48E7-97D6-5C407E358E1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.) Task: {6DDBADCD-AD84-44A5-BFA8-2322E1DB69D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation) Task: {8EA652E2-0F53-41E2-9C94-9577C55C2ABA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) Task: {93461ECF-28A9-4D49-B11F-A1A8275E8339} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1155480 2021-09-16] (Microsoft Corporation -> Microsoft Corporation) Task: {A8F926DE-4DB7-4BFC-86D7-32F2800E6E41} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A930250E-FD60-483D-B73A-D446A2B91AF5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-08] (Mozilla Corporation -> Mozilla Foundation) Task: {B0FC898B-670F-493E-8A53-4FD380C81F54} - System32\Tasks\NCH Software\ExpressRipDowngrade => C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe [1006648 2019-03-22] (NCH Software Pty Ltd -> NCH Software) Task: {C37B4CFA-631B-49AF-BF09-692DCA436213} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.) Task: {C4AC0B23-378D-453F-8E66-F62E455295F6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {C902F622-B369-44AD-8BE6-46FDB35C5B1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E0142236-511F-4774-A84E-E39E07AD1A30} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E3F632A4-BCA9-46DF-BDFF-7D5BBD9BD5A0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {F323D4A5-A8BC-45F0-BA78-CEB3845793B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {FB683A86-36CD-4E64-BFF9-D3925F6FC865} - System32\Tasks\G2MUploadTask-S-1-5-21-3707107645-3133845480-1438675409-1001 => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {FBA9D3F3-F308-4266-B394-D8B8F5DB8EED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3707107645-3133845480-1438675409-1001.job => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3707107645-3133845480-1438675409-1001.job => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupload.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.12.1 Tcpip\..\Interfaces\{2d523801-0097-4f41-aeb8-f30dcdd432b5}: [DhcpNameServer] 192.168.12.1 Tcpip\..\Interfaces\{efd4fddc-f2ea-4ba3-b79d-778a0be4e2c9}: [DhcpNameServer] 172.71.1.171 Edge: ======= DownloadDir: C:\Users\erine\Downloads Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge DefaultProfile: Default Edge Profile: C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-22] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-22] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: un57y4gx.default FF ProfilePath: C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default [2021-09-22] FF Extension: (translator-lite) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi [2019-03-11] FF Extension: (Adblock Plus - free ad blocker) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-22] FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\erine\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-12-05] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default [2021-09-22] CHR DownloadDir: C:\Users\erine\Downloads CHR HomePage: Default -> hxxps://my.erikson.edu/ics/default.aspx/ CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxp://www.office.com/" CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-02] CHR Extension: (Docs) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-02] CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-02] CHR Extension: (Mendeley Web Importer) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2021-09-02] CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-18] CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-02] CHR Extension: (Whisk) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoijmnbedaipllfimaogeepohalbgka [2021-09-12] CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24] CHR Extension: (Pinterest Save Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-09-09] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-14] CHR Extension: (Cisco Webex Extension) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-07-27] CHR Extension: (Google Scholar Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2020-10-08] CHR Extension: (Yumprint) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nboinfelnglhdhgchcmomigiddalpjka [2018-12-02] CHR Extension: (No Name) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-05-08] CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28] CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-22] CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-22] CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-13] CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-13] CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-13] CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-13] CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-13] CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-13] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-13] CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-13] CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-22] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 LFHelper; C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe [2606704 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-21] (Malwarebytes Inc -> Malwarebytes) R2 MerakiSystemsManagerAgent; C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe [6269152 2021-04-27] (Meraki, LLC. -> Meraki, Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3446576 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts) S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-09-17] (Microsoft Corporation) [File not signed] R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [101376 2013-04-11] () [File not signed] R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iTransfer\DriverInstall.exe [107200 2017-11-08] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-22] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl39dcd843; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D508D81-469F-4056-B895-D292B2A08407}\MpKslDrv.sys [130296 2021-09-22] (Microsoft Windows -> Microsoft Corporation) S3 Spark40USBAudioDriver; C:\WINDOWS\System32\drivers\Spark40USBAudioDriver.sys [377384 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 Spark40USBAudioDriverks; C:\WINDOWS\System32\drivers\Spark40USBAudioDriverks.sys [53800 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2013-04-11] (WatchGuard Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation) S3 MpKsl272126af; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BB6FCA4-EC78-481E-B3AE-71645FD90A47}\MpKslDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-09-22 10:06 - 2021-09-22 10:06 - 000000000 ____D C:\Users\erine\Documents\FeedbackHub 2021-09-22 04:21 - 2021-09-22 04:21 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-09-22 04:21 - 2021-09-22 04:21 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-09-22 04:21 - 2021-09-22 04:21 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-09-22 04:04 - 2021-09-22 04:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2021-09-22 03:58 - 2021-09-22 03:58 - 011105408 _____ (McAfee, LLC) C:\Users\erine\Desktop\MCPR.exe 2021-09-22 02:23 - 2019-12-19 14:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2021-09-22 02:22 - 2021-09-22 02:22 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237} 2021-09-22 02:20 - 2021-09-22 02:20 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72} 2021-09-22 02:20 - 2021-09-22 02:20 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045} 2021-09-22 01:25 - 2021-09-22 01:27 - 000563080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-09-22 00:37 - 2021-09-22 00:37 - 000000000 ____D C:\Users\erine\Documents\Dell 2021-09-22 00:20 - 2021-09-22 00:20 - 002304512 _____ (Farbar) C:\Users\erine\Desktop\FRST64.exe 2021-09-22 00:20 - 2021-09-22 00:20 - 000000000 ____D C:\Users\erine\Desktop\FRST-OlderVersion 2021-09-21 15:19 - 2021-09-21 15:19 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-09-21 15:07 - 2021-09-21 15:07 - 000000000 ___HD C:\$SysReset 2021-09-21 14:04 - 2021-09-21 14:04 - 000000000 ___HD C:\$WinREAgent 2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000614232 _____ C:\WINDOWS\system32\ze_tracing_layer.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000429928 _____ C:\WINDOWS\system32\ze_loader.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000309696 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000257088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000173080 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000148360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2021-09-21 12:58 - 2021-06-18 06:35 - 000145776 _____ C:\WINDOWS\system32\ze_validation_layer.dll 2021-09-21 12:58 - 2021-06-18 06:34 - 026671952 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll 2021-09-21 12:58 - 2021-06-18 06:34 - 013499224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll 2021-09-21 12:58 - 2021-06-18 06:34 - 000507744 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-09-21 12:58 - 2021-06-18 06:34 - 000370528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-09-21 12:58 - 2021-06-18 06:33 - 000354672 _____ C:\WINDOWS\system32\ControlLib.dll 2021-09-17 22:08 - 2021-09-17 22:08 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3707107645-3133845480-1438675409-1001 2021-09-17 22:08 - 2021-09-17 22:08 - 000002385 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-09-16 18:26 - 2021-09-16 18:26 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide (1).pdf 2021-09-16 18:15 - 2021-09-16 18:15 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide.pdf 2021-09-16 15:26 - 2021-09-16 15:26 - 008087229 _____ C:\Users\erine\Downloads\Gender.zip 2021-09-16 14:20 - 2021-09-16 14:20 - 000818066 _____ C:\Users\erine\Downloads\Cahoon_Cassidy_Purpura_et_al._2021_Rigorous_Measure_JNC_AAM.pdf 2021-09-16 03:53 - 2021-09-16 03:53 - 000012175 _____ C:\Users\erine\Desktop\NSF Figures.xlsx 2021-09-14 22:02 - 2021-09-14 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-09-14 11:46 - 2021-09-14 11:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-09-14 11:44 - 2021-09-14 11:44 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-09-13 05:58 - 2021-09-13 05:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-09-10 14:09 - 2021-09-10 14:09 - 000000000 ____D C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-09-10 13:50 - 2021-09-10 13:50 - 000896935 _____ C:\Users\erine\Downloads\fe_report_fin.pdf 2021-09-08 00:57 - 2021-09-12 04:53 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-09-05 01:35 - 2021-09-16 23:10 - 000017905 _____ C:\Users\erine\Desktop\Milk Ledger.xlsx 2021-09-04 15:56 - 2021-09-04 15:56 - 000105464 _____ C:\Users\erine\Downloads\MQI Coaching Teacher Matching - by coach.xlsx 2021-09-02 00:21 - 2021-09-02 00:21 - 002857747 _____ C:\Users\erine\Downloads\Curriculum Night Power Point.pptx.pdf 2021-09-01 00:05 - 2021-09-01 00:05 - 000011607 _____ C:\Users\erine\Downloads\FY21 Report Summary 8.31.21.xlsx 2021-08-31 14:12 - 2021-08-31 14:12 - 000336341 _____ C:\Users\erine\Downloads\Math Partners_Narrative.edited.pdf 2021-08-31 11:56 - 2021-08-31 11:56 - 000003524 _____ C:\Users\erine\Downloads\EQUIP_M_Forms_Summary.csv 2021-08-31 11:47 - 2021-08-31 11:47 - 000007616 _____ C:\Users\erine\Downloads\EQUIP_M_Forms (12).csv 2021-08-30 14:57 - 2021-08-30 14:57 - 000000000 ____D C:\Users\erine\.IBM 2021-08-30 13:32 - 2021-08-30 13:32 - 000000000 ____D C:\Users\erine\AppData\Local\renv 2021-08-30 13:29 - 2021-08-30 13:29 - 000002168 _____ C:\Users\Public\Desktop\IBM SPSS Statistics.lnk 2021-08-30 13:29 - 2021-08-30 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics 2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe 2021-08-27 15:17 - 2021-08-27 15:17 - 000002370 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-08-27 15:17 - 2021-08-27 15:17 - 000002362 _____ C:\Users\erine\Desktop\Microsoft Teams.lnk 2021-08-26 23:41 - 2021-08-26 23:42 - 000528762 _____ C:\Users\erine\Downloads\Villarreal2015-WJIVACHTestReview.pdf 2021-08-26 23:09 - 2021-08-26 23:09 - 000505343 _____ C:\Users\erine\Downloads\StudyReviewProtocolVersion4.1-508 (1).pdf 2021-08-26 23:05 - 2021-08-26 23:05 - 000021489 _____ C:\Users\erine\Downloads\DSG ARISE Invoice Blank (1).xlsx 2021-08-26 14:20 - 2021-08-26 14:20 - 000003916 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2021-08-24 13:41 - 2021-08-24 13:41 - 000824908 _____ C:\Users\erine\Downloads\nsf20572.pdf 2021-08-23 17:07 - 2021-08-23 17:07 - 000000000 ___RD C:\Users\erine\Documents\Scanned Documents 2021-08-23 17:07 - 2021-08-23 17:07 - 000000000 ____D C:\Users\erine\Documents\Fax 2021-08-23 00:25 - 2021-08-23 00:25 - 000456603 _____ C:\Users\erine\Downloads\Completion_Certificate (3).pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-09-22 10:29 - 2021-03-05 12:01 - 000028838 _____ C:\Users\erine\Desktop\FRST.txt 2021-09-22 10:25 - 2021-03-05 11:56 - 000000000 ____D C:\FRST 2021-09-22 10:13 - 2018-12-02 19:13 - 000000000 ____D C:\Program Files (x86)\Google 2021-09-22 10:12 - 2019-02-07 16:23 - 000000000 ____D C:\ProgramData\Mozilla 2021-09-22 10:11 - 2018-12-02 19:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\Mozilla 2021-09-22 10:10 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-09-22 10:09 - 2019-04-07 23:04 - 000000000 ____D C:\Users\erine\AppData\Local\ElevatedDiagnostics 2021-09-22 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-22 09:55 - 2020-11-01 03:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-09-22 04:41 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF 2021-09-22 04:23 - 2020-05-18 12:16 - 000000000 ___RD C:\Users\erine\OneDrive - erikson.edu 2021-09-22 04:23 - 2019-10-04 15:11 - 000000000 ___RD C:\Users\erine\erikson.edu 2021-09-22 04:23 - 2018-12-02 19:07 - 000000000 ___RD C:\Users\erine\OneDrive 2021-09-22 04:21 - 2021-06-24 04:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\IGDump 2021-09-22 04:20 - 2020-11-01 04:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-09-22 04:20 - 2020-11-01 03:31 - 000008192 ___SH C:\DumpStack.log.tmp 2021-09-22 04:20 - 2018-09-11 08:13 - 000000000 ____D C:\Intel 2021-09-22 04:15 - 2019-12-07 04:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2021-09-22 04:09 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-09-22 04:09 - 2018-12-02 19:02 - 000000000 ____D C:\Users\erine\AppData\Local\Packages 2021-09-22 02:24 - 2018-09-11 08:09 - 000000000 ___HD C:\Program Files (x86)\Temp 2021-09-22 02:23 - 2021-04-12 11:26 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700} 2021-09-22 02:23 - 2018-09-11 08:09 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll 2021-09-22 02:19 - 2018-09-11 08:08 - 000000000 ____D C:\ProgramData\Intel 2021-09-22 02:17 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-09-22 02:07 - 2018-09-11 08:06 - 000000000 ____D C:\Program Files\Intel 2021-09-22 01:26 - 2020-10-30 02:10 - 000000000 ___DC C:\WINDOWS\Panther 2021-09-22 00:35 - 2021-03-05 12:17 - 000059838 _____ C:\Users\erine\Desktop\Addition.txt 2021-09-21 21:24 - 2020-11-01 03:52 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-09-21 16:41 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing 2021-09-21 16:37 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Zoom 2021-09-21 16:29 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-09-21 15:19 - 2021-05-28 15:28 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-09-21 15:19 - 2020-08-02 03:43 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-09-21 15:17 - 2021-05-28 15:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-09-21 15:11 - 2020-09-05 17:16 - 000000000 ____D C:\Users\erine\AppData\Local\CrashDumps 2021-09-21 14:29 - 2020-08-22 05:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-09-21 14:28 - 2020-08-22 05:58 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-09-21 14:25 - 2018-12-02 19:14 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-09-18 20:24 - 2021-07-04 21:28 - 000000000 ____D C:\Users\erine\AppData\Roaming\.minecraft 2021-09-17 03:21 - 2018-12-02 22:38 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-09-17 03:16 - 2018-12-02 22:38 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-09-16 23:05 - 2018-12-02 19:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Users\erine\AppData\Local\Dropbox 2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-09-12 05:23 - 2018-12-02 20:40 - 000000000 ____D C:\Users\erine\AppData\Local\D3DSCache 2021-09-12 04:53 - 2018-12-02 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-09-10 14:10 - 2018-12-11 11:41 - 000000000 ____D C:\Users\erine\AppData\Roaming\Zoom 2021-09-09 10:11 - 2020-09-30 02:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-09-08 13:17 - 2018-09-11 07:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-09-08 07:57 - 2021-07-27 17:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-09-08 07:57 - 2018-12-02 19:36 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-09-02 04:23 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Housekeeping 2021-09-02 01:01 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-08-31 13:50 - 2020-09-16 02:30 - 000000000 ____D C:\Users\erine\AppData\Local\javasharedresources 2021-08-30 20:26 - 2019-11-13 08:00 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-08-30 14:57 - 2020-11-01 03:39 - 000000000 ____D C:\Users\erine 2021-08-30 13:32 - 2020-09-16 02:33 - 000000000 ____D C:\Users\erine\AppData\Roaming\IBM 2021-08-30 13:23 - 2020-09-16 02:28 - 000000000 ____D C:\Program Files\IBM 2021-08-26 14:26 - 2020-01-21 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-08-26 14:00 - 2021-07-27 16:02 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2021-08-26 14:00 - 2021-07-27 16:02 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2021-08-26 14:00 - 2021-07-27 16:02 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2021-08-26 14:00 - 2021-07-27 16:02 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2021-08-26 14:00 - 2021-07-27 16:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2021-08-26 14:00 - 2021-07-27 16:02 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2021-08-24 17:18 - 2020-02-07 14:29 - 000000000 ____D C:\Users\erine\AppData\Local\GoToMeeting ==================== Files in the root of some directories ======== 2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe 2020-04-01 00:10 - 2020-04-01 00:11 - 001451682 _____ () C:\Users\erine\AppData\Roaming\AvidLink_Install.log 2021-03-05 12:06 - 2021-03-05 12:06 - 000000017 _____ () C:\Users\erine\AppData\Local\resmon.resmoncfg ==================== FLock ============================== 2021-05-28 05:10 C:\Recovery ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================