Oh, thank you so much for replying :-)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by lucil (administrator) on LAPTOP-SC4SBHDD (LENOVO 81LY) (05-02-2021 10:35:31)
Running from C:\Users\lucil\Downloads
Loaded Profiles: lucil
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͔259.inf_amd64_9c1fcd1df26ce806\B354183\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͔259.inf_amd64_9c1fcd1df26ce806\B354183\atiesrxx.exe
(CYBERLINKCOM CORPORATION) C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~2.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(eRAD, Inc. -> eRAD, Inc.) C:\Program Files\PracticeBuilder\pbuilder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <47>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lucil\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.331.288.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Softland S.R.L. -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\lucil\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1086248 2020-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-20] (Valve -> Valve Corporation)
HKLM\...\Windows x64\Print Processors\Canon MX880 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAN.DLL [29696 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX880 series: C:\WINDOWS\system32\CNCALAN.DLL [302080 2010-11-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX880 series: C:\WINDOWS\system32\CNMLMAN.DLL [374784 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2015-02-27] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\eRAD PACS Viewer.lnk [2020-12-04]
ShortcutTarget: eRAD PACS Viewer.lnk -> C:\Windows\Installer\{DC3738E0-E464-4613-A012-8A46C7038F94}\pbuilder.ico () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {021430FA-2E7C-4878-AD7A-8007AB71068D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14C8E688-ED06-402D-B7F9-CFED09290CDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F777A02-814B-4CCC-A4EB-4170280497E2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {41298F78-D33F-4C4A-8BF3-CADA083C10E5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5512CCF0-8870-4A89-B977-5199D23F1237} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-09] (Google Inc -> Google LLC)
Task: {5E12C5A6-CFD7-4C70-B3A4-8782A24219B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-09] (Google Inc -> Google LLC)
Task: {5F2198F7-D1E3-4452-83C5-3C6B7D29E5A3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\923a29f3-869b-4fe5-af3d-e5123c321365 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {6993957F-79AC-4AC6-A420-01FD17229899} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0befa231-dd0f-4e5e-b51f-42a50540521a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {6C3CCA32-602F-45F7-833B-DF46441D4D6F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eb57a4b6-2854-472a-8772-0926c6ca809f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {7EABDE7E-1B4D-4885-B4E5-EC8C3FD8E8BA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7cb7ae2b-2cdc-4b9e-9bf1-8c483f9d69cd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {84DCAD92-F2DE-4130-AF8C-8C8045EDE37E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A6BE6735-77F0-4CD8-B461-3E56F230ACF6} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [24368 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AE50BA22-491D-4A9D-9E68-0F6D65679F02} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [61872 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {B281DA86-5FC8-49BB-B8BD-3E80197C5311} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144280 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B5C9BA5A-D009-4D04-9CA1-7C393DEACD0E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {D5D5C6B4-FBA9-4804-8626-188DB4338752} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2DA7683-9CF9-4FFB-9170-BDE72812BB5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E456A202-F03F-41E2-B046-CF2C67F4A337} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F7384048-335F-4D39-A369-6B6887001D9C} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{05a60f97-1092-43d4-9966-dace830789d1}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0ecf6b23-2624-4ea6-a0dc-8b53a584f5db}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucil\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-04]
FireFox:
========
FF Plugin HKU\S-1-5-21-3832506118-1344407595-661541514-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2021-02-03] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default [2021-02-05]
CHR Notifications: Default -> hxxps://bathtrendsusa.com; hxxps://chatsupport.apple.com; hxxps://meet.google.com; hxxps://www.cleverism.com; hxxps://www.evernote.com; hxxps://www.facebook.com; hxxps://www.palmbeachpost.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://mail.google.com/mail/u/3/#inbox","hxxps://mail.google.com/mail/u/1/","hxxps://mail.google.com/mail/u/2/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Slides) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-09]
CHR Extension: (Docs) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-09]
CHR Extension: (Google Drive) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-09]
CHR Extension: (Sheets) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-09]
CHR Extension: (Google Docs Offline) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [29488 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-02-27] (Softland S.R.L. -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\lucil\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-02-02] (Phoenix Technologies Ltd. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-05 10:35 - 2021-02-05 10:37 - 000018109 _____ C:\Users\lucil\Downloads\FRST.txt
2021-02-05 10:34 - 2021-02-05 10:36 - 000000000 ____D C:\FRST
2021-02-05 10:33 - 2021-02-05 10:33 - 002297856 _____ (Farbar) C:\Users\lucil\Downloads\Unconfirmed 658216.crdownload
2021-02-05 10:33 - 2021-02-05 10:33 - 002297856 _____ (Farbar) C:\Users\lucil\Downloads\FRST64.exe
2021-02-03 16:53 - 2021-02-03 16:53 - 010795629 _____ C:\Users\lucil\Downloads\725732_10151361070587123_1692956683_n.mp4
2021-02-03 11:05 - 2021-02-03 11:05 - 000002200 _____ C:\Users\lucil\Desktop\RingCentral Meetings.lnk
2021-02-03 11:05 - 2021-02-03 11:05 - 000000000 ____D C:\Users\lucil\AppData\Roaming\RingCentralMeetings
2021-02-03 11:05 - 2021-02-03 11:05 - 000000000 ____D C:\Users\lucil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RingCentral Meetings
2021-02-02 12:55 - 2021-02-02 12:55 - 000000080 ___SH C:\bootTel.dat
2021-02-02 09:28 - 2021-02-02 09:28 - 000000000 _____ C:\Users\lucil\sfc
2021-02-01 16:39 - 2021-02-01 16:39 - 000040714 _____ C:\Users\lucil\Downloads\Conversation_Starters.pdf
2021-02-01 16:04 - 2021-02-01 16:04 - 000639657 _____ C:\Users\lucil\Downloads\Paycheck Protection Program.pdf
2021-02-01 15:57 - 2021-02-01 15:57 - 000000000 _____ C:\Users\lucil\Downloads\OF FLORIDA (2).pdf
2021-02-01 09:17 - 2021-02-01 09:17 - 000058028 _____ C:\Users\lucil\Downloads\ResumeStevenMezidor.pdf
2021-01-29 16:44 - 2021-01-29 16:44 - 002258782 _____ C:\Users\lucil\Downloads\OF FLORIDA (1).pdf
2021-01-29 16:01 - 2021-01-29 16:01 - 000000000 _____ C:\Users\lucil\Downloads\OF FLORIDA.pdf
2021-01-29 15:59 - 2021-01-29 15:59 - 000690637 _____ C:\Users\lucil\Downloads\Legacy Secure Portal - Cusotmer Guide.pdf
2021-01-29 09:48 - 2021-01-29 09:48 - 000049771 _____ C:\Users\lucil\Downloads\Corp docs (1).pdf
2021-01-29 08:47 - 2021-01-29 08:47 - 003440962 _____ C:\Users\lucil\Downloads\updated_folder.pdf
2021-01-28 13:45 - 2021-01-28 13:45 - 000082572 _____ C:\Users\lucil\Downloads\EFAX Corp.pdf
2021-01-28 13:19 - 2021-01-28 13:19 - 000130842 _____ C:\Users\lucil\Downloads\LOA.pdf
2021-01-28 08:48 - 2021-01-28 08:48 - 000057354 _____ C:\Users\lucil\Downloads\Week_4_Templates_Cheatsheet (1).pdf
2021-01-27 18:04 - 2021-01-29 08:51 - 000010968 _____ C:\Users\lucil\Documents\Statements.xlsx
2021-01-26 11:37 - 2021-01-26 11:37 - 001459480 _____ C:\Users\lucil\Downloads\application.pdf
2021-01-26 11:31 - 2021-01-26 11:31 - 001030226 _____ C:\Users\lucil\Downloads\folder.pdf
2021-01-25 17:30 - 2021-01-25 17:30 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (6).exe
2021-01-25 16:18 - 2021-01-25 16:18 - 000014887 _____ C:\Users\lucil\Downloads\463771934.597662782.20210108.pdf
2021-01-25 16:17 - 2021-01-25 16:17 - 000018371 _____ C:\Users\lucil\Downloads\21007003037.pdf
2021-01-25 11:23 - 2021-01-25 11:23 - 000026496 _____ C:\Users\lucil\Downloads\INITIAL_CHECKLIST.pdf
2021-01-21 11:40 - 2021-01-21 11:40 - 000128546 _____ C:\Users\lucil\Downloads\Lisa Martz Resume Jan
2021-01-21 09:32 - 2021-01-21 09:32 - 000378666 _____ C:\Users\lucil\Downloads\2017-06_Visitor Host Team Manual.pdf
2021-01-21 08:34 - 2021-01-21 08:34 - 000013994 _____ C:\Users\lucil\Downloads\Chapter_Visitor_Registration_Report_01-21-2021_8-34_AM.xls
2021-01-20 15:55 - 2021-01-20 15:55 - 000093846 _____ C:\Users\lucil\Downloads\Hubspot_Setup_Cheatsheet.pdf
2021-01-20 12:36 - 2021-01-20 12:36 - 000057354 _____ C:\Users\lucil\Downloads\Week_4_Templates_Cheatsheet.pdf
2021-01-18 14:32 - 2021-01-18 14:32 - 000073313 _____ C:\Users\lucil\Downloads\How_to_Set_Up_Indeed_Ad_Cheatsheet.pdf
2021-01-18 09:23 - 2021-01-18 09:23 - 000094133 _____ C:\Users\lucil\Downloads\Organic_Outreach_Message_Process1.pdf
2021-01-15 11:11 - 2021-01-15 11:11 - 000526217 _____ C:\Users\lucil\Downloads\Details for Reference Number_ 21015000569.pdf
2021-01-15 10:20 - 2021-01-15 10:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 10:20 - 2021-01-15 10:20 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 10:20 - 2021-01-15 10:20 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 10:20 - 2021-01-15 10:20 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 10:20 - 2021-01-15 10:20 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 10:20 - 2021-01-15 10:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 10:19 - 2021-01-15 10:19 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 10:19 - 2021-01-15 10:19 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 10:19 - 2021-01-15 10:19 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 10:18 - 2021-01-15 10:18 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 10:18 - 2021-01-15 10:18 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 10:18 - 2021-01-15 10:18 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 10:18 - 2021-01-15 10:18 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 10:18 - 2021-01-15 10:18 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 10:17 - 2021-01-15 10:17 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-15 10:16 - 2021-01-15 10:16 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 10:16 - 2021-01-15 10:16 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 10:16 - 2021-01-15 10:16 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 10:15 - 2021-01-15 10:15 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 10:14 - 2021-01-15 10:14 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 10:14 - 2021-01-15 10:14 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 10:13 - 2021-01-15 10:13 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 10:13 - 2021-01-15 10:13 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 10:13 - 2021-01-15 10:13 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 10:12 - 2021-01-15 10:12 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 10:11 - 2021-01-15 10:11 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 10:11 - 2021-01-15 10:11 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 10:10 - 2021-01-15 10:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 10:10 - 2021-01-15 10:10 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 10:09 - 2021-01-15 10:09 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 10:09 - 2021-01-15 10:09 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 10:09 - 2021-01-15 10:09 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 14:31 - 2021-01-13 14:31 - 007095620 _____ C:\Users\lucil\Downloads\9_x_12.zip
2021-01-12 13:30 - 2021-01-12 13:30 - 002075980 _____ C:\Users\lucil\Downloads\CV_redacted.pdf
2021-01-11 10:41 - 2021-01-11 10:41 - 000000000 _____ C:\Users\lucil\Downloads\Cannella Legal.pdf
2021-01-08 12:50 - 2021-01-08 12:50 - 000036341 _____ C:\Users\lucil\Downloads\RPMworksheet (1).pdf
2021-01-08 12:39 - 2021-01-08 12:39 - 000036341 _____ C:\Users\lucil\Downloads\RPMworksheet.pdf
2021-01-07 08:08 - 2021-01-07 08:09 - 032506535 _____ C:\Users\lucil\Downloads\BNI Chapter Meeting Agenda (6).pptx
2021-01-06 15:56 - 2021-01-06 15:56 - 000000000 ____D C:\Users\Public\CyberLink
2021-01-06 15:35 - 2021-01-06 15:35 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (5).exe
2021-01-06 15:24 - 2021-01-06 15:24 - 000207623 _____ C:\Users\lucil\Downloads\Partnership Tracking Sheet - Dr. Huffman.xlsx
2021-01-06 14:01 - 2021-01-06 14:01 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (4).exe
2021-01-06 10:27 - 2021-01-06 10:27 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (3).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-05 10:29 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-05 09:41 - 2020-03-28 11:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-05 09:03 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-05 08:31 - 2019-10-09 14:33 - 000000000 ___RD C:\Users\lucil\Documents\BNI
2021-02-05 08:23 - 2019-10-09 11:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 08:23 - 2019-10-09 11:21 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-05 08:23 - 2019-10-09 11:21 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-05 08:13 - 2020-11-20 08:42 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1C484CF8-7E9F-49B7-89C8-AC1A017DE72F}
2021-02-03 18:30 - 2019-10-09 13:07 - 000007778 _____ C:\Users\lucil\AppData\Roaming\EZUser.ini
2021-02-03 17:39 - 2020-09-11 15:19 - 000000000 ____D C:\opal
2021-02-03 13:22 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-03 11:05 - 2019-10-10 02:23 - 000000000 ____D C:\Users\lucil\AppData\Local\D3DSCache
2021-02-02 13:09 - 2019-07-06 01:10 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-02-02 13:09 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-02 12:58 - 2020-07-01 12:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-02 12:56 - 2020-03-28 11:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-02 12:56 - 2019-07-06 01:10 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-02-02 09:34 - 2019-03-18 23:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-02 09:28 - 2020-03-28 11:33 - 000000000 ____D C:\Users\lucil
2021-02-02 08:45 - 2019-10-10 02:22 - 000000000 ____D C:\Users\lucil\AppData\Local\Packages
2021-02-02 08:36 - 2020-03-27 08:44 - 000000000 ____D C:\WINDOWS\TempInst
2021-02-02 08:32 - 2019-11-08 10:38 - 000000000 ____D C:\BIOS
2021-02-02 08:26 - 2020-11-18 11:08 - 000003248 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-02-02 08:12 - 2019-07-06 01:16 - 000000000 ____D C:\ProgramData\McAfee
2021-01-31 11:53 - 2020-06-21 22:00 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-31 11:53 - 2020-06-21 22:00 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-31 11:53 - 2020-06-21 22:00 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-29 09:00 - 2020-03-28 11:43 - 000841376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 17:40 - 2021-01-04 10:54 - 000000000 ____D C:\ProgramData\scre..tion_b15b0581876c57b7_0014.0008_66db381fcb1b6383
2021-01-25 17:31 - 2021-01-04 10:53 - 000000000 ____D C:\Users\lucil\AppData\Local\Deployment
2021-01-22 16:58 - 2019-12-19 08:55 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 17:44 - 2019-10-10 02:22 - 000000000 ___RD C:\Users\lucil\3D Objects
2021-01-19 17:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-19 17:44 - 2018-09-19 13:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-19 17:42 - 2020-03-28 11:27 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-19 17:35 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-19 17:35 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-19 17:35 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-19 17:35 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-17 09:42 - 2020-06-21 22:00 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-17 09:42 - 2020-06-21 22:00 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-15 10:42 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 10:40 - 2019-10-09 14:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 10:38 - 2019-10-09 14:52 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 10:09 - 2020-03-28 11:30 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 14:32 - 2017-10-02 10:41 - 000628666 _____ C:\Users\lucil\Desktop\9x12.pdf
2021-01-11 21:13 - 2020-03-12 07:21 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-01-11 21:13 - 2020-03-12 07:21 - 000107952 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-01-11 21:13 - 2020-03-12 07:21 - 000061872 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-01-11 21:13 - 2019-07-06 00:32 - 000107952 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-01-08 12:53 - 2020-12-20 20:29 - 000000000 ____D C:\Users\lucil\Documents\Yamaro Chiropracrtic
2021-01-06 15:56 - 2020-04-01 18:50 - 000000000 ___HD C:\ProgramData\CyberLink
==================== Files in the root of some directories ========
2019-10-09 13:07 - 2021-02-03 18:30 - 000007778 _____ () C:\Users\lucil\AppData\Roaming\EZUser.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by lucil (05-02-2021 10:42:49)
Running from C:\Users\lucil\Downloads
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-28 16:49:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3832506118-1344407595-661541514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3832506118-1344407595-661541514-503 - Limited - Disabled)
Guest (S-1-5-21-3832506118-1344407595-661541514-501 - Limited - Disabled)
lucil (S-1-5-21-3832506118-1344407595-661541514-1001 - Administrator - Enabled) => C:\Users\lucil
WDAGUtilityAccount (S-1-5-21-3832506118-1344407595-661541514-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0116.1242.22878 - Advanced Micro Devices, Inc.)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version: - )
eRad PACS Viewer (HKLM\...\{DC3738E0-E464-4613-A012-8A46C7038F94}) (Version: 7.2.236.5 - eRad, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft PowerPoint Viewer 97 (HKLM-x32\...\PPTView97) (Version: - )
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{48CFCB4B-0488-4711-B54E-E8E3F5929166}) (Version: 8.2.929 - Softland)
OpalRAD Image Viewer (remove only) (HKLM-x32\...\OpalRAD Image Viewer) (Version: - )
RingCentral Meetings (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\RingCentralMeetings) (Version: 20.2 - Zoom Video Communications, Inc. and RingCentral Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WE6.0 Pro (HKLM-x32\...\{6CA199AA-06F4-47E7-84D9-CBA8CD00E452}) (Version: 1.00.0000 - Spine Research Institute of San Diego)
Zoom (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2020-12-17] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-10-06] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20800.804.0_x64__rz1tebttyb220 [2020-12-17] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-20] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-10-09] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-07-28] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-07-22] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2020-08-14] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-29] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\lucil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-07-17 18:18 - 2018-07-17 18:18 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-07-17 18:18 - 2018-07-17 18:18 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-12-21 09:13 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2015-02-27 11:46 - 2015-02-27 11:46 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2020-06-19 19:47 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 001413120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-01-16 14:41 - 2019-01-16 14:41 - 005785088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 006304256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 076168704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 005591552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-3832506118-1344407595-661541514-1001 -> DefaultScope {7FD36A9F-BD01-4C22-9722-796E55C8C2EB} URL =
SearchScopes: HKU\S-1-5-21-3832506118-1344407595-661541514-1001 -> {7FD36A9F-BD01-4C22-9722-796E55C8C2EB} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucil\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AA64A18C-470F-467F-AD1E-38DA79CF25D9}] => (Allow) C:\Users\lucil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B100122C-03E4-4B3E-B66B-2D726EDEEFCC}] => (Allow) C:\Users\lucil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FAFE472-5931-41CB-977F-2DB75E722083}] => (Allow) LPort=3306
FirewallRules: [{3C3220C4-735D-48A4-A05D-53931E80F313}] => (Allow) LPort=443
FirewallRules: [{75929029-3A75-4E17-9FE7-51DF8DFF0E07}] => (Allow) LPort=21
FirewallRules: [{5D8404C6-3ECA-4511-8500-A10EAD6310A2}] => (Allow) LPort=20
FirewallRules: [{4E449D0D-1CF5-4E1A-B292-241F74621AE4}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\IUpdate.exe => No File
FirewallRules: [{7DC3AB2A-6161-41A3-B694-691F3398CB88}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Front.exe => No File
FirewallRules: [{3AC1031B-DE69-4FBC-BC79-9C9F02A15C8A}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Filing.exe => No File
FirewallRules: [{FD294432-3B7A-4872-808C-87698EBF7F52}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\EZTrans.exe => No File
FirewallRules: [{8325A831-8E24-4B08-9A7C-801C7DDB4AE2}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Delivery.exe => No File
FirewallRules: [{1009969F-C579-49C7-85C1-142736521EA5}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Check.exe => No File
FirewallRules: [{086C2CC4-8D1C-4D17-ADE1-ACF8094B7958}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\ApptRem.exe => No File
FirewallRules: [{6CC1BD00-CB99-462C-90EA-4BA89CF6A936}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{5060A085-8B99-4ECE-BF0C-49DC3F5A3AE6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8169F14C-7C4A-4434-87C0-E567DDDEB7C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3D113E24-BC20-4EC0-AF6D-422F877284A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0E553E28-1551-4E36-8867-4FB508FB1A4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B81ACCB3-3629-48AD-8961-B21200180812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{C8AE4689-3745-4233-8E0E-D3D606668082}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{52087038-A9B6-4205-9FB2-182DF3CA15DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B0BC9C21-E046-4704-BA2A-74EE7E452E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0B57CE5C-8ED2-4594-807A-ABC39DAFC4FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{60A49E99-DAA0-4F97-8889-B55DF57FEB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{4F1A8E62-0F68-4C09-8467-1C33CE08D33A}] => (Allow) LPort=8501
FirewallRules: [{9116D63C-B761-4EE3-B0A1-AA117F619910}] => (Allow) LPort=8501
FirewallRules: [{7D98B9EF-9FF1-43CB-B3DB-CA605D851130}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F91A7E3F-AD08-4AD2-874A-8D42C4CB4404}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D053EC3-BB23-4705-B7BC-CF8C6E9FDD12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5254277-0E32-4EC2-976C-44F2D80C7767}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69D9D43F-7438-4C23-98A2-E3EA8E8B50B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40E81EFF-8DA8-448A-A217-C8AA60CE5403}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AD2133B-045F-4B05-AD1B-299E8A7F6328}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E963F4F-FC89-4CB1-A5F6-2179F493804A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83C56827-30D5-4CC2-8C46-FBBADC2762FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FA222A8-05A0-4E4C-907F-CFFF01F8185B}] => (Allow) C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{087BD8F8-565E-4897-A25C-24664AAA2C67}] => (Allow) C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{512F3F11-026B-4628-BAAA-A549E3177B42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13628.20274.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD456FC8-8A6C-4009-A227-0444BDC83778}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB7BEEB2-8E05-4594-9AA5-C94EB5C6FD49}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30443BBF-7AF4-46A2-856B-547AF9746AD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AA2803C-973C-40F6-8D6C-000EDA9AAFEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20936E79-C089-4BB4-8A6A-30BD8CB40841}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
22-01-2021 15:47:54 Scheduled Checkpoint
01-02-2021 10:28:22 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/05/2021 10:20:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15948,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/05/2021 09:22:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9072,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/05/2021 09:12:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/05/2021 08:38:05 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program WORD.EXE because of this error.
Program: WORD.EXE
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C00000BE
Disk type: 0
Error: (02/05/2021 08:38:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WORD.EXE, version: 0.0.0.0, time stamp: 0x59b318cc
Faulting module name: WORD.EXE, version: 0.0.0.0, time stamp: 0x59b318cc
Exception code: 0xc0000006
Fault offset: 0x0000ad26
Faulting process id: 0x3004
Faulting application start time: 0x01d6fa75800fcc05
Faulting application path: \\DESKTOP-HC3NRH3\EZBIS\WORD.EXE
Faulting module path: \\DESKTOP-HC3NRH3\EZBIS\WORD.EXE
Report Id: e985597a-49e8-4609-b991-4bf125dd1b64
Faulting package full name:
Faulting package-relative application ID:
Error: (02/05/2021 08:31:55 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program EZTRANS.EXE because of this error.
Program: EZTRANS.EXE
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C00000BE
Disk type: 0
Error: (02/05/2021 08:31:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EZTRANS.EXE, version: 0.0.0.0, time stamp: 0x59b319e6
Faulting module name: OLEAUT32.dll, version: 10.0.18362.1110, time stamp: 0xf7cff508
Exception code: 0xc0000006
Fault offset: 0x000149c0
Faulting process id: 0x2d0
Faulting application start time: 0x01d6fa75377b5e47
Faulting application path: \\DESKTOP-HC3NRH3\EZBIS\EZTRANS.EXE
Faulting module path: C:\WINDOWS\System32\OLEAUT32.dll
Report Id: 2d96b5e9-fc2b-48d3-84c7-a8f6b3a992c0
Faulting package full name:
Faulting package-relative application ID:
Error: (02/05/2021 08:31:53 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program REPORT.EXE because of this error.
Program: REPORT.EXE
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C00000BE
Disk type: 0
System errors:
=============
Error: (02/05/2021 09:06:00 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/05/2021 08:20:26 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/04/2021 12:27:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/04/2021 08:36:56 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/03/2021 01:24:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: ApplicationSet-CFQ7TTC0K56C-Microsoft.Office.Desktop.
Error: (02/03/2021 12:31:44 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/03/2021 09:01:38 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/02/2021 01:26:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2021-02-05 09:16:39.777
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {48952407-D0B1-46C7-BCFE-D63363B5A1B6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-05 08:58:00.645
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C84A850A-DEE3-4314-9281-43E2CB1FBD14}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-03 14:58:03.745
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1CFC9842-0E12-4F4A-8388-CD45D9B297A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-02-01 09:26:52.025
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A4E83C06-EAEC-4F57-9D87-569AA6A95400}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-28 15:32:27.714
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1E986482-9489-4AFC-8F68-2BE39FA8DFE0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-01-22 15:06:30.638
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2585.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2021-01-22 13:55:31.820
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2585.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2021-01-07 08:04:53.582
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2021-01-07 08:04:53.581
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2021-01-07 08:04:53.580
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-10-27 14:00:09.557
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:09.548
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:07.125
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:07.084
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:07.049
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:07.039
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:03.933
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-10-27 14:00:03.695
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: LENOVO ARCN35WW 10/13/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Percentage of memory in use: 93%
Total physical RAM: 6020.26 MB
Available physical RAM: 420.71 MB
Total Virtual: 13188.26 MB
Available Virtual: 4207.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:856.68 GB) NTFS
\\?\Volume{d840036f-c4da-407b-9d04-5c1e7a4a4d63}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS
\\?\Volume{9e8cc00d-177e-43c3-87c1-ac9d2aea6ec4}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E5AAAE3)
Partition: GPT.
==================== End of Addition.txt =======================