Hello and thank you for reading my post.
First, please let me apologize if I am posting this on the wrong forum.
My wife's laptop Is a Lenovo ThinkPad R400 with 2 GB or RAM & about 58% of it's 148GB storage used on the Windows 10 o/s and is running slow. It takes time to boot up; and launching apps & internet browsers can sometimes take what seems like a couple of minutes to open.
I regularly clean the temp files, cache and old registry. I clean the registry via Ccleaner and Super antispyware scans.
I did the cleanup before running a FRST log and looking at task manager. Task manager is showing Memory toggle between 75%-81%. CPU & Disk started off with high numbers but after a couple of minutes togged between 3% and 30%.
The FRST Addition log mentions a trojan virus, but I believe that occurred because Microsoft Windows Security was preventing FRST 32-bit from downloading, because it thought it was a virus. I couldn't download it in safe mode either so turned off Windows Security temporarily.
Anyhow, I attached the FRST logs incase it helps and if there are any tips on speeding up the laptop response rate, it's greatly appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-04-2020
Ran by Chrissy (administrator) on CHRISSY-PC (LENOVO 7439W6R) (05-04-2020 19:06:19)
Running from C:\Users\Chrissy\Downloads
Loaded Profiles: Chrissy (Available Profiles: Chrissy & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1909 18363.720 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\94.4.384\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\94.4.384\QtWebEngineProcess.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\Hp\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Numedia Soft, Inc. -> ) C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Sage Software, Inc. -> Pervasive Software Inc.) C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files\Sage\Peachtree\PeachtreePrefetcher.exe [30576 2012-10-22] (Sage Software, Inc. -> Sage Software, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2379504 2013-04-24] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8065456 2019-05-16] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Run: [Dropbox Update] => C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\Hp\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5557296 2020-03-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [134656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk [2013-02-03]
ShortcutTarget: NETGEAR WG111v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe () [File not signed]
Startup: C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2020-03-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
Startup: C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk [2016-05-20]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0BIBM07J;CONNECTION=NW;MONITOR=1;
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {019B1734-9A1F-44C9-80A1-BF0F6F3D5D51} - System32\Tasks\G2MUpdateTask-S-1-5-21-2695042837-3831575686-1124767896-1000 => C:\Users\Chrissy\AppData\Local\GoToMeeting\10996\g2mupdate.exe [29736 2018-11-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {083394AD-6359-4D99-A698-4D39EFF506F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {086C110A-7312-4F66-8819-25E8FA59C1CB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A408543-E330-4650-94E5-11A2BE8E98E5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0A8D55D6-6C76-4D4A-85BA-5701C080EDD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {10770654-CCA1-472E-A689-4DBC284EEEAD} - System32\Tasks\{C9C95A7E-7402-4E72-A146-52439EE4D0AE} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
Task: {17D4C3EC-14D8-48AD-9006-C171A20E58CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [414672 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B5E8312-C9B2-40D3-BDF7-B4B6696FE663} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [414672 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DA7281F-CDC9-4BFA-8C45-31DE76C9CDBD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1EDA3DBE-C7C5-41FA-AFEC-159B1159DF8E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {285131B2-AA08-4EBD-8533-B43A8459E2CD} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe <==== ATTENTION
Task: {2C2DDEB9-03A5-41AE-8069-8E0F197CCF85} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {33BDE6BF-ABF5-4F3B-B9D9-6D904D77DA30} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {3DCA53B7-36BA-4C67-B01E-6E267AB26264} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {46669C31-2CF0-4C09-8092-9DA9A23931B8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {4777AB01-1A99-4B87-B667-52F9C3A8B221} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4DB4F9E7-AEFA-4E5F-B558-606131D54724} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {51FA9D83-065B-44FB-8F4B-1A2673A73EFC} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {526687E3-AAFA-4505-BFF0-C3947A22A8BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [414672 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5316FCA6-1FEF-42A6-81FD-26CAF22181F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5917FDCC-CE3E-4CDF-996A-091EC9E5BDB7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2695042837-3831575686-1124767896-1000UA => C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5ADA10C1-C5E0-4166-89D7-30F123BFF115} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5DB76FCC-D48D-4BCF-A7C7-EAE6BDE06D9D} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {5E446D22-8301-431F-A914-1AD864A231B8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F260D6D-586C-4E61-99D2-E29D638FEF40} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A1E4049-678A-4A5E-B578-9338F74ADCA4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {6A22689E-15DF-4B8A-A106-835F9B7DDB0E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6B7FDBF0-8404-4EA9-AF3F-BC46F9D66519} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {6B86FF1C-5A1B-46AB-A4AA-ED956C5F301A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {797C258E-093D-4146-A232-26B123F14D12} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BEA7311-7C95-4D53-8989-0A1EAF589D52} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7E78F1B2-5B9D-4AC3-ACF4-217D58CBB55B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7EDA44D2-34C9-4300-A498-CC6398E727C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8037A1A9-753C-496D-92FF-A562AEF2876F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443424 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {81762D5C-EC96-47A6-8735-1B5834187293} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {83EF3333-90BF-4849-B579-67B7893CBF76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2695042837-3831575686-1124767896-1000Core => C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {898161CD-2C55-42C6-8E15-3C8F7AD63B11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [414672 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9132A2FC-A7C2-4C38-9B83-1E134DFEB44B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A25FEDF-9241-47C1-9A21-C75503EE5B4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C1D7626-9270-4A9B-AD09-E8A1DFE1B16F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1141C2A-4463-46C9-A4A9-26369B5ED8A3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A76D933D-AC92-4D21-972D-B7A37FAB4A46} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe
Task: {A8C8BD40-F318-4159-A3C5-DF867359C5A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE071D1D-2B8B-460D-AF1A-CF8D7EAFC3DD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [18871600 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEC6F720-D19B-4CDE-8D25-22BC11215A84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B3A30CBC-0E40-4F36-B7A9-EE1DCDC7BC4C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B546E45A-5535-47EE-B5B4-C428031E35E7} - System32\Tasks\G2MUploadTask-S-1-5-21-2695042837-3831575686-1124767896-1000 => C:\Users\Chrissy\AppData\Local\GoToMeeting\10996\g2mupload.exe [29736 2018-11-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF97CB34-3029-48F7-BDBB-FB952D720991} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {C31647BE-4792-4BBE-B54C-2E2FCD7E38B3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6BA0F0C-D292-456D-9072-9C48E866BDB0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C8BB0AEC-5AA3-4329-B695-B1D8C31C87B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [18871600 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C99528D5-7F41-4D2A-83B3-DDE9972DF16A} - System32\Tasks\4922 => wscript.exe C:\Users\Chrissy\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {CDBE7605-8F60-4F79-AEC2-1F1ABC779DFF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {CE412AF3-BB4F-4801-8D06-D32A2E8F7E46} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1688704-6142-45B2-AD3F-1B0D3FBC34A6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D624231D-CEDE-4F25-A0A5-14CF598C82C4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D66C28C3-C99E-47CB-94EA-8086B6ED824D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D989BDBD-BC6A-4B4C-A09E-88DCF1546107} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-05-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DA5E393E-A18C-4CDC-B9A0-61D824261436} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {DB67E9E2-7A43-4A62-8197-69383BDC3814} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {DC1AD582-78E6-4E24-9722-D9EDAFB15A33} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DDC2ED3B-58B2-4004-B330-595E7EA3CFB8} - System32\Tasks\DTReg => C:\Windows\system32\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {E20C0141-41C2-49C4-8D18-2DE08E6BB110} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E65593E3-7D3B-4DFC-96D2-32B08F7EE9BD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {E7AF8EDD-83B0-4AF7-B146-38DE487DED64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E9241184-65A8-4D90-BEB5-0DC9664DD6AA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {F3555FBD-C63A-471E-9E3C-890A37B1F9BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F42CBAEA-93BE-43E9-8774-3DCEAAA1CE82} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F589C275-4654-42DB-B404-D243D0606D2D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F908A273-E82E-4629-853A-92F40A7AAEE2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2695042837-3831575686-1124767896-1000Core.job => C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2695042837-3831575686-1124767896-1000UA.job => C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2695042837-3831575686-1124767896-1000.job => C:\Users\Chrissy\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2695042837-3831575686-1124767896-1000.job => C:\Users\Chrissy\AppData\Local\GoToMeeting\10996\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{072620ba-7083-4d9e-b4b6-9da50f9d0f8b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{29ea32ab-d579-422f-9305-96d856445e85}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6fb389c2-2b28-481d-8e9e-4bd3eb9a80d3}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{b8632072-9b1e-40ac-9bb9-9b4b1783b2de}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000 -> {3FC5EC2D-7212-4C6B-99E8-393ADDB9FBC3} URL = hxxp://www.mysearchresults.com/search?&c=4200&t=11&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-06-10] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default [2020-04-05]
CHR NewTab: Default -> Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/ntp1.html"
CHR Extension: (Docs) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Google Docs Offline) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (Xfinity) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb [2014-02-25]
CHR Extension: (FromDocToPDF) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2019-12-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx [2013-02-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-06-01] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7219272 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-05] (Numedia Soft, Inc. -> )
S3 Peachtree SmartPosting 2012; C:\Program Files\Sage\Peachtree\SmartPostingService2012.exe [44400 2012-10-22] (Sage Software, Inc. -> Sage Software, Inc.)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [52736 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 psqlWGE; C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe [435528 2011-04-07] (Sage Software, Inc. -> Pervasive Software Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [2297256 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [85544 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [28824 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [165376 2019-09-12] (Microsoft Corporation) [File not signed]
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] (Intel® Graphics DSS -> )
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [132520 2015-03-10] (BoiseTest -> Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [17320 2015-03-10] (BoiseTest -> Windows ® Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [37800 2015-03-10] (BoiseTest -> Microsoft Corporation)
R3 Eplpdx02; C:\WINDOWS\system32\Drivers\EPLPDX02.SYS [70084 2001-08-10] (MK Systems CO., LTD.) [File not signed]
S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6114816 2009-09-15] (Intel Corporation) [File not signed]
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2013-05-02] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [38640 2013-04-24] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL3.SYS [207360 2019-03-18] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV3.SYS [980992 2019-03-18] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT3.SYS [661504 2019-03-18] (Microsoft Windows -> Conexant Systems, Inc.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [37768 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [303840 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [41696 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-05 19:06 - 2020-04-05 19:09 - 000035137 _____ C:\Users\Chrissy\Downloads\FRST.txt
2020-04-05 19:05 - 2020-04-05 19:08 - 000000000 ____D C:\FRST
2020-04-05 19:04 - 2020-04-05 19:04 - 002009088 _____ (Farbar) C:\Users\Chrissy\Downloads\FRST.exe
2020-04-05 16:30 - 2020-04-05 16:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-05 16:23 - 2020-04-05 16:23 - 000000000 ____D C:\WINDOWS\Panther
2020-04-05 15:10 - 2020-04-05 15:10 - 000000267 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2020-04-05 14:28 - 2020-04-05 14:28 - 000000000 ____D C:\ProgramData\Intel
2020-04-04 19:37 - 2020-04-04 19:39 - 001993489 _____ C:\Users\Chrissy\Documents\Savannah Sousa 2020-21.pdf
2020-04-04 19:31 - 2020-04-04 19:33 - 002313479 _____ C:\Users\Chrissy\Documents\Griffin Sousa 2019-20.pdf
2020-04-04 19:23 - 2020-04-04 19:26 - 003259887 _____ C:\Users\Chrissy\Documents\Savannah Sousa 2019-20.pdf
2020-04-03 10:48 - 2020-04-03 10:48 - 000429175 _____ C:\Users\Chrissy\Desktop\UI Monetary Determination.pdf
2020-04-03 10:46 - 2020-04-03 10:46 - 000428390 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200403104628.pdf
2020-04-03 08:35 - 2020-04-03 08:35 - 000255320 _____ (Asurvio, LP) C:\Users\Chrissy\Downloads\DSOne.exe
2020-04-03 07:55 - 2020-04-03 07:55 - 000007605 _____ C:\Users\Chrissy\AppData\Local\Resmon.ResmonCfg
2020-04-02 19:24 - 2020-04-02 19:24 - 000000000 ____D C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-04-02 19:08 - 2020-04-05 15:11 - 000000000 ____D C:\ProgramData\Lenovo
2020-04-02 19:08 - 2020-04-05 15:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2020-04-02 19:05 - 2020-04-05 15:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-04-02 19:02 - 2020-04-05 15:12 - 000000000 ____D C:\WINDOWS\TempInst
2020-04-02 15:13 - 2020-04-02 15:13 - 000004987 _____ C:\Users\Chrissy\Downloads\Dynamic Email List - Parent & Child Classes (2019-2020).xlsx
2020-04-02 15:11 - 2020-04-02 15:11 - 000004346 _____ C:\Users\Chrissy\Downloads\Dynamic Email List - Transitional Preschool (2019-20).xlsx
2020-04-02 15:06 - 2020-04-02 15:08 - 000010235 _____ C:\Users\Chrissy\Downloads\Dynamic Email List - Preschool (2019-20).xlsx
2020-04-02 14:58 - 2020-04-02 15:00 - 000009429 _____ C:\Users\Chrissy\Downloads\Dynamic Email List - Multi-Track Kindergarten (2019-20).xlsx
2020-04-02 14:56 - 2020-04-02 14:56 - 000004915 _____ C:\Users\Chrissy\Downloads\Dynamic Email List - Summer 2020.xlsx
2020-04-02 14:47 - 2020-04-02 14:47 - 000086093 _____ C:\Users\Chrissy\Downloads\members_export_8e7b28e9c4.zip
2020-04-02 14:32 - 2020-04-02 14:33 - 000002158 _____ C:\Users\Chrissy\Downloads\members_export_5e4b740e45.zip
2020-04-01 20:11 - 2020-04-01 20:11 - 005747077 _____ C:\Users\Chrissy\Documents\Dependents.pdf
2020-04-01 19:35 - 2020-04-01 19:35 - 000546775 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200401193509.pdf
2020-04-01 19:35 - 2020-04-01 19:35 - 000546775 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200401193500.pdf
2020-04-01 19:25 - 2020-04-01 19:25 - 000546772 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200401192522.pdf
2020-04-01 19:24 - 2020-04-01 19:24 - 000024058 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200401192406.pdf
2020-04-01 19:20 - 2020-04-01 19:20 - 000546772 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200401192043.pdf
2020-03-31 20:37 - 2020-03-31 20:37 - 000024058 _____ C:\Users\Chrissy\Downloads\UI Online - Doc_20200331203718.pdf
2020-03-28 20:10 - 2020-03-28 20:10 - 000025238 _____ C:\Users\Chrissy\Documents\Quarterly Reports 4.1.pdf
2020-03-28 19:49 - 2020-03-28 19:49 - 000947023 _____ C:\Users\Chrissy\Documents\Payroll 4.3.pdf
2020-03-18 08:23 - 2020-03-18 08:23 - 000079669 _____ C:\Users\Chrissy\Downloads\ACTIVE Account Statement March 1 - 15, 2020.xlsx
2020-03-16 00:46 - 2020-03-16 00:46 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-16 00:46 - 2020-03-16 00:46 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-16 00:46 - 2020-03-16 00:46 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-03-15 20:01 - 2020-03-15 20:02 - 000503672 _____ C:\Users\Chrissy\Documents\Hana Philcrantz.pdf
2020-03-15 14:11 - 2020-03-15 14:11 - 000002483 _____ C:\Users\Chrissy\Downloads\Colored-College-Ruled-Paper1.zip
2020-03-14 11:24 - 2020-03-14 11:24 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001874328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001792312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001616912 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001474048 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001400320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000446232 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-14 11:24 - 2020-03-14 11:24 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-14 11:24 - 2020-03-14 11:24 - 000079672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-14 11:24 - 2020-03-14 11:24 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-14 11:24 - 2020-03-14 11:24 - 000023864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-14 11:24 - 2020-03-14 11:24 - 000018448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-14 11:23 - 2020-03-14 11:23 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 002235408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 002077880 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001402880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001223680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001157120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 001071120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 001018552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000746352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000362000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000356368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000331280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-14 11:23 - 2020-03-14 11:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000267280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000205840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000080912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000054800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-14 11:23 - 2020-03-14 11:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-14 11:23 - 2020-03-14 11:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-14 11:23 - 2020-03-14 11:23 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-14 11:22 - 2020-03-14 11:23 - 007070736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 004868184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 004755968 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 003560960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 003131392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 003037696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 002797568 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002761016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 002203664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 002058240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001661952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001659528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001539888 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001454400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001257984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001150464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000786040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000689976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000538128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000531672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000415976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-14 11:22 - 2020-03-14 11:22 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000402528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000400440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000046928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000023864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-14 11:22 - 2020-03-14 11:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-14 11:22 - 2020-03-14 11:22 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-14 11:22 - 2020-03-14 11:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-14 11:21 - 2020-03-14 11:21 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000425272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-14 11:21 - 2020-03-14 11:21 - 000319976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000173880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000167224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000160568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000144400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000133432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000109072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-14 11:21 - 2020-03-14 11:21 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000041784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-14 11:21 - 2020-03-14 11:21 - 000023952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-14 11:21 - 2020-03-14 11:21 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000017208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-14 11:21 - 2020-03-14 11:21 - 000014648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-14 10:55 - 2020-02-11 00:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-12 09:49 - 2020-03-12 09:49 - 000308548 _____ C:\Users\Chrissy\Downloads\Reese Baran.pdf
2020-03-10 17:29 - 2020-03-10 17:30 - 000479940 _____ C:\Users\Chrissy\Downloads\67newburyseptic Model (1).pdf
2020-03-10 09:12 - 2020-03-10 09:12 - 003281211 _____ C:\Users\Chrissy\Downloads\C1 - Drainage Modification-C1.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-05 19:00 - 2019-10-01 19:40 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-05 19:00 - 2019-10-01 19:40 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-04-05 18:34 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-05 18:34 - 2019-03-18 22:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-05 16:33 - 2019-08-20 20:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-05 16:32 - 2019-03-18 22:35 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-05 16:26 - 2019-03-18 22:44 - 000000000 ____D C:\WINDOWS\INF
2020-04-05 16:19 - 2019-05-28 20:36 - 000000000 ____D C:\Users\Chrissy\AppData\Local\D3DSCache
2020-04-05 15:11 - 2019-01-08 11:14 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-05 15:11 - 2013-02-28 09:04 - 000000000 ____D C:\Program Files\Intel
2020-04-05 14:36 - 2019-08-20 19:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-05 14:22 - 2019-08-20 20:01 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B76945DF-72EF-4988-9332-2D50101B113A}
2020-04-05 14:07 - 2018-06-28 13:38 - 000000000 ____D C:\Users\Chrissy\AppData\Local\Adobe
2020-04-03 11:12 - 2018-01-14 23:59 - 000000000 ____D C:\Users\Chrissy\AppData\Local\Packages
2020-04-03 11:01 - 2016-03-07 13:43 - 000131584 _____ C:\Users\Chrissy\Desktop\Deposit Account.xls
2020-04-03 09:24 - 2012-12-29 09:16 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-03 08:56 - 2019-03-18 22:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-02 19:35 - 2020-01-30 10:05 - 000609128 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-02 19:26 - 2012-10-02 19:52 - 000000000 ____D C:\Users\Chrissy\AppData\Roaming\Dropbox
2020-04-02 15:17 - 2013-08-29 09:20 - 000000000 ___RD C:\Users\Chrissy\Dropbox
2020-04-02 13:35 - 2012-06-19 20:44 - 000000000 ____D C:\Users\Chrissy\AppData\Local\CutePDF Writer
2020-04-02 10:45 - 2019-03-18 22:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-27 12:15 - 2016-07-22 10:27 - 000000000 ____D C:\Users\Chrissy\AppData\Local\ElevatedDiagnostics
2020-03-25 21:03 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-03-25 08:26 - 2018-02-24 21:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-23 08:23 - 2019-08-20 20:01 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2695042837-3831575686-1124767896-1000
2020-03-23 08:23 - 2019-08-20 19:36 - 000002421 _____ C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-23 08:23 - 2016-05-22 12:17 - 000000000 ___RD C:\Users\Chrissy\OneDrive
2020-03-20 19:12 - 2019-08-20 20:01 - 000003408 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 19:11 - 2019-08-20 20:01 - 000003284 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 19:01 - 2019-08-20 20:01 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 18:59 - 2019-01-08 11:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-03-20 18:59 - 2019-01-08 11:55 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-03-20 10:22 - 2019-10-01 19:41 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-18 14:54 - 2016-03-13 20:35 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-17 20:55 - 2019-08-20 19:36 - 000000000 ____D C:\Users\Chrissy
2020-03-16 01:16 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-16 01:16 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-15 21:31 - 2020-02-08 15:19 - 000000000 ____D C:\Users\Chrissy\Desktop\Home School
2020-03-15 17:48 - 2013-05-29 07:03 - 000000000 ____D C:\Users\Chrissy\Documents\Property Files
2020-03-15 12:52 - 2019-08-20 19:49 - 000950252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-15 00:15 - 2018-01-15 00:25 - 000000000 ___RD C:\Users\Chrissy\3D Objects
2020-03-15 00:15 - 2016-02-13 08:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-15 00:14 - 2019-08-20 19:24 - 000490432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-15 00:08 - 2019-03-18 22:46 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-15 00:08 - 2019-03-18 22:35 - 000000000 ____D C:\WINDOWS\servicing
2020-03-14 17:36 - 2013-07-12 06:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-14 17:29 - 2012-12-04 08:10 - 118379832 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-13 12:40 - 2019-03-18 22:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-03-13 12:36 - 2012-06-16 21:34 - 000000000 ____D C:\Program Files\Microsoft Office
==================== Files in the root of some directories ========
2013-05-14 13:55 - 2013-05-14 13:55 - 000033193 _____ () C:\Users\Chrissy\AppData\Roaming\UserTile.png
2017-12-14 16:33 - 2017-12-14 16:33 - 000004096 ____H () C:\Users\Chrissy\AppData\Local\keyfile3.drm
2019-01-08 11:09 - 2019-01-08 11:09 - 000000615 _____ () C:\Users\Chrissy\AppData\Local\oobelibMkey.log
2020-04-03 07:55 - 2020-04-03 07:55 - 000007605 _____ () C:\Users\Chrissy\AppData\Local\Resmon.ResmonCfg
2015-01-05 16:50 - 2015-01-05 16:50 - 000000000 _____ () C:\Users\Chrissy\AppData\Local\{F2E88783-AFFE-446F-B21E-F98399405CA3}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-04-2020
Ran by Chrissy (05-04-2020 19:11:00)
Running from C:\Users\Chrissy\Downloads
Microsoft Windows 10 Home Version 1909 18363.720 (X86) (2019-08-21 00:03:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2695042837-3831575686-1124767896-500 - Administrator - Disabled)
Chrissy (S-1-5-21-2695042837-3831575686-1124767896-1000 - Administrator - Enabled) => C:\Users\Chrissy
DefaultAccount (S-1-5-21-2695042837-3831575686-1124767896-503 - Limited - Disabled)
Guest (S-1-5-21-2695042837-3831575686-1124767896-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2695042837-3831575686-1124767896-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2695042837-3831575686-1124767896-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.0.626 - Adobe Systems, Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
Canon MB2700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2700_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.1.2101 - CDBurnerXP)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Combined Community Codec Pack 2009-09-09 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2009.09.09.0 - CCCP Project)
Crystal Reports 2008 Runtime SP1 (HKLM\...\{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}) (Version: 12.1.0.882 - Business Objects)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: - )
Dot4 (HKLM\...\{FF359AAB-AA6A-449F-B75F-21201CD86495}) (Version: 1.0.0.0 - HP)
Dropbox (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Dropbox) (Version: 94.4.384 - Dropbox, Inc.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.)
GoToMeeting 8.41.0.12127 (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\GoToMeeting) (Version: 8.41.0.12127 - LogMeIn, Inc.)
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{14BEBF02-A501-4A68-ABEB-286CCB28AE9F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
ImageMixer3 (HKLM\...\{AB19A235-66D4-47F7-9904-BAF84ED25BB6}) (Version: 3.00.005 - PIXELA)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juniper Networks Host Checker (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Neoteris_Host_Checker) (Version: 7.4.0.31481 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Juniper_Setup_Client) (Version: 7.4.11.47145 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Terminal Services Client (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\Juniper_Term_Services) (Version: 7.4.0.31481 - Juniper Networks)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MyLiveChat (HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\4435c09f5cdefce5) (Version: 1.0.2.51 - MyLiveChat)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Peachtree Accounting 2012 (HKLM\...\{B4FDAA4D-37BD-4DF4-8531-B4F7ABC74E62}) (Version: 19.00.00 - Sage Software, Inc.) Hidden
Peachtree Accounting 2012 (HKLM\...\InstallShield_{B4FDAA4D-37BD-4DF4-8531-B4F7ABC74E62}) (Version: 19.00.00 - Sage Software, Inc.)
Peachtree Signature Ready Forms (HKLM\...\{BA1EF4A7-AB67-492B-9C7D-4AEE43F5A3C6}) (Version: 6.14.24 - Sage Software SB, Inc.) Hidden
Pervasive PSQL v10 SP2 Workgroup (32-bit) (HKLM\...\{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}) (Version: 10.20.034 - Pervasive Software) Hidden
Pervasive PSQL v10 SP2 Workgroup (32-bit) (HKLM\...\Pervasive PSQL v10 SP2 Workgroup (32-bit)) (Version: 10.10.126 - Pervasive Software)
PHOTOfunSTUDIO -viewer- (HKLM\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 1.00.000 - )
Sage Integration Services (HKLM\...\Integration Services) (Version: 2.2.2240 - Sage Technology)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
Universal Document Converter Server Edition (HKLM\...\Universal Document Converter_is1) (Version: 5.5 - fCoder Group, Inc.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-01-08] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.165.800.0_x86__kgqvnymyfvs32 [2020-04-02] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x86__v10z8vjag6ke6 [2020-02-05] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x86__8wekyb3d8bbwe [2020-01-31] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2020-01-12] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-01-08] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0 [2020-04-01] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x86__8wekyb3d8bbwe [2016-05-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E4A4737B4AD9} -> [Creative Cloud Files] => C:\Users\Chrissy\Creative Cloud Files [2019-01-08 12:13]
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Chrissy\AppData\Local\GoToMeeting\12127\G2MOutlookAddin.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\DropboxUpdateOnDemand.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\DropboxUpdateOnDemand.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{A659F7AF-C6B4-40FD-BF17-35CED2DA8C8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\psuser.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\DropboxUpdateOnDemand.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\DropboxUpdateOnDemand.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Chrissy\Dropbox [2013-08-29 09:20]
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 0
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2695042837-3831575686-1124767896-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Chrissy\AppData\Local\Dropbox\Update\1.3.295.1\psuser.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SUPERAntiSpyware.com -> SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1_S-1-5-21-2695042837-3831575686-1124767896-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2695042837-3831575686-1124767896-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2695042837-3831575686-1124767896-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\DropboxExt.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.ffds] => C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll [85504 2009-08-31] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
==================== Loaded Modules (Whitelisted) =============
2008-12-29 18:13 - 2008-12-29 18:13 - 000204800 _____ () [File not signed] C:\Program Files\NETGEAR\WG111v3\KJLog.dll
2009-03-04 10:52 - 2009-03-04 10:52 - 000372736 _____ () [File not signed] C:\Program Files\NETGEAR\WG111v3\WlanDll.dll
2020-02-22 16:22 - 2015-09-15 17:07 - 000318464 _____ (CANON INC) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2020-02-22 16:22 - 2015-09-01 19:11 - 000194560 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2020-02-22 16:22 - 2015-06-17 17:03 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2020-02-22 16:22 - 2015-06-17 17:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-02-22 16:22 - 2015-05-26 10:44 - 000141312 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2000-09-13 06:00 - 2000-09-13 06:00 - 000032768 _____ (MK Systems CO.,LTD.) [File not signed] C:\WINDOWS\System32\Eplplx02.dll
2002-06-21 06:04 - 2002-06-21 06:04 - 000079872 _____ (MK Systems CO.,LTD.) [File not signed] C:\WINDOWS\System32\Eplpmx02.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2009-06-10 17:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Pervasive Software\PSQL\bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chrissy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2695042837-3831575686-1124767896-1000\...\StartupApproved\Run: => "SUPERAntiSpyware"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1BAB5892-140F-448E-920D-980B907CDA14}] => (Allow) LPort=1583
FirewallRules: [{CEC8D2C1-73EC-4176-B212-86CB84605F07}] => (Allow) LPort=3351
FirewallRules: [{B40B6A1F-6E56-46D5-87A8-3164F2822D18}] => (Allow) C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Sage Software, Inc. -> Pervasive Software Inc.)
FirewallRules: [{D5403EC3-5302-42CD-9751-1AA5B7BD530A}] => (Allow) C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Sage Software, Inc. -> Pervasive Software Inc.)
FirewallRules: [{19A9C98F-E89D-4695-BA16-9E8CDF9F3B5D}] => (Allow) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BDA28771-F93B-49A8-BB37-C6111EDEB4D0}] => (Allow) C:\Users\Chrissy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F03EAF5E-9ED5-464D-877F-2B7651EB52C9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FBBB15BA-FC5E-48C7-B479-FC66CE912062}C:\users\chrissy\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chrissy\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{488A720B-0B63-484E-8041-DB4316130A24}C:\users\chrissy\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chrissy\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A6FFDB5E-895B-4F4F-AF06-1599D39FB79D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{61D242F6-5AFA-41A5-800A-6563F7A1AD6C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{74C50345-F115-45F2-9410-D8B966F7E59F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C70921FE-350A-4959-B15E-6323B6FAA85F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BF853CAC-7579-42C7-92AF-7DA1CD7B0B6C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{30D8FD6B-0D55-4237-9756-AEF39C802444}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FA6BC2F3-4EFE-4127-8FF7-368D3C0EBB61}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C20420E-2235-4D99-A88C-759DC700D767}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{210096C6-93D6-4E54-A7B0-7E7153E240E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{888CBAEF-12F6-413A-B65D-97BF769D993C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B4B0D6DF-3A45-4F82-9AFF-725ACFCA568F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0EF65287-2BFF-42CC-B0FB-F66780DF9984}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{229AFFC1-8D89-4D26-8CD5-80E7473342CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BC5E894-1004-4AAE-98AF-F3F23C15E851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D35FD8D4-6406-435B-A61D-A7A4E3D7EBB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B6395E8-5A38-4ADC-9586-9EB15E908ACD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
23-03-2020 10:48:11 Scheduled Checkpoint
02-04-2020 09:47:43 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/05/2020 07:02:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 05:10:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6616,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 04:43:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4168,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/05/2020 04:35:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Chrissy-PC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (04/05/2020 04:31:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (04/05/2020 04:28:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (04/05/2020 04:28:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (04/05/2020 04:26:11 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Chrissy-PC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
System errors:
=============
Error: (04/05/2020 06:35:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (04/05/2020 04:32:52 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/05/2020 04:32:35 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/05/2020 04:32:08 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/05/2020 04:32:08 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/05/2020 04:32:02 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (04/05/2020 04:32:01 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (04/05/2020 04:32:01 PM) (Source: DCOM) (EventID: 10005) (User: Chrissy-PC)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Windows Defender:
===================================
Date: 2020-04-05 16:32:11.089
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...72&enterprise=0
Name: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Chrissy\Downloads\FRST.exe; webfile:_C:\Users\Chrissy\Downloads\FRST.exe|http://www.geekstogo...305922517181381
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.313.839.0, AS: 1.313.839.0, NIS: 1.313.839.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-05 16:03:36.703
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...72&enterprise=0
Name: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Chrissy\Downloads\FRST.exe; webfile:_C:\Users\Chrissy\Downloads\FRST.exe|https://download.ble...305877243129930
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.313.839.0, AS: 1.313.839.0, NIS: 1.313.839.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-05 15:52:23.613
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...72&enterprise=0
Name: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Chrissy\Downloads\FRST.exe; webfile:_C:\Users\Chrissy\Downloads\FRST.exe|http://www.geekstogo...305877243129930
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.313.839.0, AS: 1.313.839.0, NIS: 1.313.839.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-05 15:49:34.535
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...72&enterprise=0
Name: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Chrissy\Downloads\FRST.exe; webfile:_C:\Users\Chrissy\Downloads\FRST.exe|http://www.geekstogo...305877243129930
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.313.839.0, AS: 1.313.839.0, NIS: 1.313.839.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-05 15:48:59.069
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...72&enterprise=0
Name: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Chrissy\Downloads\FRST.exe; webfile:_C:\Users\Chrissy\Downloads\FRST.exe|http://www.geekstogo...305877243129930
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.313.839.0, AS: 1.313.839.0, NIS: 1.313.839.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-05 16:29:49.248
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-04-03 09:02:40.642
Description:
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.313.642.0;1.313.642.0
Engine version: 1.1.16900.4
Date: 2020-04-03 09:02:38.264
Description:
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.313.680.0;1.313.680.0
Engine version: 1.1.16900.4
Date: 2020-03-23 07:56:42.073
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.1615.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16900.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-03-15 00:33:03.862
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.1231.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===================================
Date: 2020-04-05 16:35:45.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-04-05 16:25:28.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-04-05 14:55:31.648
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-04-03 17:33:31.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-03 17:33:31.704
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-03 17:33:31.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-03 17:33:31.070
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-03 17:33:30.982
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 7UET79WW (3.09 ) 10/13/2009
Motherboard: LENOVO 7439W6R
Processor: Intel® Core2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 86%
Total physical RAM: 1944.02 MB
Available physical RAM: 260.13 MB
Total Virtual: 4760.02 MB
Available Virtual: 1639.94 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:148.35 GB) (Free:62.13 GB) NTFS
\\?\Volume{73b17344-af71-11e1-a62f-806e6f6e6963}\ (System) (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS
\\?\Volume{8d91f07f-0000-0000-0000-402325000000}\ () (Fixed) (Total:0.5 GB) (Free:0.15 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 8D91F07F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================
Thanks and have a wonderful week ahead.
-Doug