Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

File Explorer Keeps Crashing [Closed]


  • This topic is locked This topic is locked

#1
lucille123

lucille123

    Member

  • Member
  • PipPipPip
  • 100 posts

I've gone through a series of 10 steps (I think save for one) without success at this link https://recoverit.wo...s-crashing.html.

 

I did a checkfile operation through DOS (Took a few hours to run) and have updated both my windows 10 and the Lenovo Advantage program.  I have deleted the McAfee web something or the other tool, I found on my computer. I have changed the settings in a few different ways through the file explorer settings.  I have noticed that my file explorer runs faster, but it still crashes.  Sometimes I am able to open files, but most of the time I cannot.  I have a Lenovo Ideapad L340 with Windows 10.

 

 


  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts

Hi
 
Welcome :)
 
I'll be helping you with your computer.
 
Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.
 
Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click FRST(64) and select Run as administrator.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.

  • 0

#3
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Oh, thank you so much for replying :-)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by lucil (administrator) on LAPTOP-SC4SBHDD (LENOVO 81LY) (05-02-2021 10:35:31)
Running from C:\Users\lucil\Downloads
Loaded Profiles: lucil
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͔259.inf_amd64_9c1fcd1df26ce806\B354183\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͔259.inf_amd64_9c1fcd1df26ce806\B354183\atiesrxx.exe
(CYBERLINKCOM CORPORATION) C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~2.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(eRAD, Inc. -> eRAD, Inc.) C:\Program Files\PracticeBuilder\pbuilder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <47>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lucil\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.331.288.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Softland S.R.L. -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\lucil\AppData\Roaming\Zoom\bin\Zoom.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1086248 2020-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-20] (Valve -> Valve Corporation)
HKLM\...\Windows x64\Print Processors\Canon MX880 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAN.DLL [29696 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX880 series: C:\WINDOWS\system32\CNCALAN.DLL [302080 2010-11-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX880 series: C:\WINDOWS\system32\CNMLMAN.DLL [374784 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2015-02-27] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\eRAD PACS Viewer.lnk [2020-12-04]
ShortcutTarget: eRAD PACS Viewer.lnk -> C:\Windows\Installer\{DC3738E0-E464-4613-A012-8A46C7038F94}\pbuilder.ico () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {021430FA-2E7C-4878-AD7A-8007AB71068D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14C8E688-ED06-402D-B7F9-CFED09290CDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F777A02-814B-4CCC-A4EB-4170280497E2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {41298F78-D33F-4C4A-8BF3-CADA083C10E5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5512CCF0-8870-4A89-B977-5199D23F1237} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-09] (Google Inc -> Google LLC)
Task: {5E12C5A6-CFD7-4C70-B3A4-8782A24219B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-09] (Google Inc -> Google LLC)
Task: {5F2198F7-D1E3-4452-83C5-3C6B7D29E5A3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\923a29f3-869b-4fe5-af3d-e5123c321365 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {6993957F-79AC-4AC6-A420-01FD17229899} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0befa231-dd0f-4e5e-b51f-42a50540521a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {6C3CCA32-602F-45F7-833B-DF46441D4D6F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eb57a4b6-2854-472a-8772-0926c6ca809f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {7EABDE7E-1B4D-4885-B4E5-EC8C3FD8E8BA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7cb7ae2b-2cdc-4b9e-9bf1-8c483f9d69cd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {84DCAD92-F2DE-4130-AF8C-8C8045EDE37E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A6BE6735-77F0-4CD8-B461-3E56F230ACF6} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [24368 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AE50BA22-491D-4A9D-9E68-0F6D65679F02} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [61872 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {B281DA86-5FC8-49BB-B8BD-3E80197C5311} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144280 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B5C9BA5A-D009-4D04-9CA1-7C393DEACD0E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {D5D5C6B4-FBA9-4804-8626-188DB4338752} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2DA7683-9CF9-4FFB-9170-BDE72812BB5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E456A202-F03F-41E2-B046-CF2C67F4A337} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F7384048-335F-4D39-A369-6B6887001D9C} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{05a60f97-1092-43d4-9966-dace830789d1}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0ecf6b23-2624-4ea6-a0dc-8b53a584f5db}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucil\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-04]
 
FireFox:
========
FF Plugin HKU\S-1-5-21-3832506118-1344407595-661541514-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2021-02-03] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default [2021-02-05]
CHR Notifications: Default -> hxxps://bathtrendsusa.com; hxxps://chatsupport.apple.com; hxxps://meet.google.com; hxxps://www.cleverism.com; hxxps://www.evernote.com; hxxps://www.facebook.com; hxxps://www.palmbeachpost.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://mail.google.com/mail/u/3/#inbox","hxxps://mail.google.com/mail/u/1/","hxxps://mail.google.com/mail/u/2/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Slides) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-09]
CHR Extension: (Docs) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-09]
CHR Extension: (Google Drive) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-09]
CHR Extension: (Sheets) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-09]
CHR Extension: (Google Docs Offline) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\lucil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-01]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [29488 2020-12-29] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-02-27] (Softland S.R.L. -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\lucil\AppData\Roaming\Zoom"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-02-02] (Phoenix Technologies Ltd. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-05 10:35 - 2021-02-05 10:37 - 000018109 _____ C:\Users\lucil\Downloads\FRST.txt
2021-02-05 10:34 - 2021-02-05 10:36 - 000000000 ____D C:\FRST
2021-02-05 10:33 - 2021-02-05 10:33 - 002297856 _____ (Farbar) C:\Users\lucil\Downloads\Unconfirmed 658216.crdownload
2021-02-05 10:33 - 2021-02-05 10:33 - 002297856 _____ (Farbar) C:\Users\lucil\Downloads\FRST64.exe
2021-02-03 16:53 - 2021-02-03 16:53 - 010795629 _____ C:\Users\lucil\Downloads\725732_10151361070587123_1692956683_n.mp4
2021-02-03 11:05 - 2021-02-03 11:05 - 000002200 _____ C:\Users\lucil\Desktop\RingCentral Meetings.lnk
2021-02-03 11:05 - 2021-02-03 11:05 - 000000000 ____D C:\Users\lucil\AppData\Roaming\RingCentralMeetings
2021-02-03 11:05 - 2021-02-03 11:05 - 000000000 ____D C:\Users\lucil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RingCentral Meetings
2021-02-02 12:55 - 2021-02-02 12:55 - 000000080 ___SH C:\bootTel.dat
2021-02-02 09:28 - 2021-02-02 09:28 - 000000000 _____ C:\Users\lucil\sfc
2021-02-01 16:39 - 2021-02-01 16:39 - 000040714 _____ C:\Users\lucil\Downloads\Conversation_Starters.pdf
2021-02-01 16:04 - 2021-02-01 16:04 - 000639657 _____ C:\Users\lucil\Downloads\Paycheck Protection Program.pdf
2021-02-01 15:57 - 2021-02-01 15:57 - 000000000 _____ C:\Users\lucil\Downloads\OF FLORIDA (2).pdf
2021-02-01 09:17 - 2021-02-01 09:17 - 000058028 _____ C:\Users\lucil\Downloads\ResumeStevenMezidor.pdf
2021-01-29 16:44 - 2021-01-29 16:44 - 002258782 _____ C:\Users\lucil\Downloads\OF FLORIDA (1).pdf
2021-01-29 16:01 - 2021-01-29 16:01 - 000000000 _____ C:\Users\lucil\Downloads\OF FLORIDA.pdf
2021-01-29 15:59 - 2021-01-29 15:59 - 000690637 _____ C:\Users\lucil\Downloads\Legacy Secure Portal - Cusotmer Guide.pdf
2021-01-29 09:48 - 2021-01-29 09:48 - 000049771 _____ C:\Users\lucil\Downloads\Corp docs (1).pdf
2021-01-29 08:47 - 2021-01-29 08:47 - 003440962 _____ C:\Users\lucil\Downloads\updated_folder.pdf
2021-01-28 13:45 - 2021-01-28 13:45 - 000082572 _____ C:\Users\lucil\Downloads\EFAX Corp.pdf
2021-01-28 13:19 - 2021-01-28 13:19 - 000130842 _____ C:\Users\lucil\Downloads\LOA.pdf
2021-01-28 08:48 - 2021-01-28 08:48 - 000057354 _____ C:\Users\lucil\Downloads\Week_4_Templates_Cheatsheet (1).pdf
2021-01-27 18:04 - 2021-01-29 08:51 - 000010968 _____ C:\Users\lucil\Documents\Statements.xlsx
2021-01-26 11:37 - 2021-01-26 11:37 - 001459480 _____ C:\Users\lucil\Downloads\application.pdf
2021-01-26 11:31 - 2021-01-26 11:31 - 001030226 _____ C:\Users\lucil\Downloads\folder.pdf
2021-01-25 17:30 - 2021-01-25 17:30 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (6).exe
2021-01-25 16:18 - 2021-01-25 16:18 - 000014887 _____ C:\Users\lucil\Downloads\463771934.597662782.20210108.pdf
2021-01-25 16:17 - 2021-01-25 16:17 - 000018371 _____ C:\Users\lucil\Downloads\21007003037.pdf
2021-01-25 11:23 - 2021-01-25 11:23 - 000026496 _____ C:\Users\lucil\Downloads\INITIAL_CHECKLIST.pdf
2021-01-21 11:40 - 2021-01-21 11:40 - 000128546 _____ C:\Users\lucil\Downloads\Lisa Martz Resume Jan
2021-01-21 09:32 - 2021-01-21 09:32 - 000378666 _____ C:\Users\lucil\Downloads\2017-06_Visitor Host Team Manual.pdf
2021-01-21 08:34 - 2021-01-21 08:34 - 000013994 _____ C:\Users\lucil\Downloads\Chapter_Visitor_Registration_Report_01-21-2021_8-34_AM.xls
2021-01-20 15:55 - 2021-01-20 15:55 - 000093846 _____ C:\Users\lucil\Downloads\Hubspot_Setup_Cheatsheet.pdf
2021-01-20 12:36 - 2021-01-20 12:36 - 000057354 _____ C:\Users\lucil\Downloads\Week_4_Templates_Cheatsheet.pdf
2021-01-18 14:32 - 2021-01-18 14:32 - 000073313 _____ C:\Users\lucil\Downloads\How_to_Set_Up_Indeed_Ad_Cheatsheet.pdf
2021-01-18 09:23 - 2021-01-18 09:23 - 000094133 _____ C:\Users\lucil\Downloads\Organic_Outreach_Message_Process1.pdf
2021-01-15 11:11 - 2021-01-15 11:11 - 000526217 _____ C:\Users\lucil\Downloads\Details for Reference Number_ 21015000569.pdf
2021-01-15 10:20 - 2021-01-15 10:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 10:20 - 2021-01-15 10:20 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 10:20 - 2021-01-15 10:20 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 10:20 - 2021-01-15 10:20 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 10:20 - 2021-01-15 10:20 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 10:20 - 2021-01-15 10:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 10:19 - 2021-01-15 10:19 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 10:19 - 2021-01-15 10:19 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 10:19 - 2021-01-15 10:19 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 10:19 - 2021-01-15 10:19 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 10:18 - 2021-01-15 10:18 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 10:18 - 2021-01-15 10:18 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 10:18 - 2021-01-15 10:18 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 10:18 - 2021-01-15 10:18 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 10:18 - 2021-01-15 10:18 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 10:17 - 2021-01-15 10:17 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-15 10:17 - 2021-01-15 10:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-15 10:16 - 2021-01-15 10:16 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 10:16 - 2021-01-15 10:16 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 10:16 - 2021-01-15 10:16 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 10:15 - 2021-01-15 10:15 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 10:14 - 2021-01-15 10:14 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 10:14 - 2021-01-15 10:14 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 10:13 - 2021-01-15 10:13 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 10:13 - 2021-01-15 10:13 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 10:13 - 2021-01-15 10:13 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 10:12 - 2021-01-15 10:12 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 10:11 - 2021-01-15 10:11 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 10:11 - 2021-01-15 10:11 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 10:10 - 2021-01-15 10:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 10:10 - 2021-01-15 10:10 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 10:09 - 2021-01-15 10:09 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 10:09 - 2021-01-15 10:09 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 10:09 - 2021-01-15 10:09 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 14:31 - 2021-01-13 14:31 - 007095620 _____ C:\Users\lucil\Downloads\9_x_12.zip
2021-01-12 13:30 - 2021-01-12 13:30 - 002075980 _____ C:\Users\lucil\Downloads\CV_redacted.pdf
2021-01-11 10:41 - 2021-01-11 10:41 - 000000000 _____ C:\Users\lucil\Downloads\Cannella Legal.pdf
2021-01-08 12:50 - 2021-01-08 12:50 - 000036341 _____ C:\Users\lucil\Downloads\RPMworksheet (1).pdf
2021-01-08 12:39 - 2021-01-08 12:39 - 000036341 _____ C:\Users\lucil\Downloads\RPMworksheet.pdf
2021-01-07 08:08 - 2021-01-07 08:09 - 032506535 _____ C:\Users\lucil\Downloads\BNI Chapter Meeting Agenda (6).pptx
2021-01-06 15:56 - 2021-01-06 15:56 - 000000000 ____D C:\Users\Public\CyberLink
2021-01-06 15:35 - 2021-01-06 15:35 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (5).exe
2021-01-06 15:24 - 2021-01-06 15:24 - 000207623 _____ C:\Users\lucil\Downloads\Partnership Tracking Sheet - Dr. Huffman.xlsx
2021-01-06 14:01 - 2021-01-06 14:01 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (4).exe
2021-01-06 10:27 - 2021-01-06 10:27 - 000086408 _____ C:\Users\lucil\Downloads\EZBIS.ScreenConnect.Client (3).exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-05 10:29 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-05 09:41 - 2020-03-28 11:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-05 09:03 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-05 08:31 - 2019-10-09 14:33 - 000000000 ___RD C:\Users\lucil\Documents\BNI
2021-02-05 08:23 - 2019-10-09 11:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 08:23 - 2019-10-09 11:21 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-05 08:23 - 2019-10-09 11:21 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-05 08:13 - 2020-11-20 08:42 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1C484CF8-7E9F-49B7-89C8-AC1A017DE72F}
2021-02-03 18:30 - 2019-10-09 13:07 - 000007778 _____ C:\Users\lucil\AppData\Roaming\EZUser.ini
2021-02-03 17:39 - 2020-09-11 15:19 - 000000000 ____D C:\opal
2021-02-03 13:22 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-03 11:05 - 2019-10-10 02:23 - 000000000 ____D C:\Users\lucil\AppData\Local\D3DSCache
2021-02-02 13:09 - 2019-07-06 01:10 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-02-02 13:09 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-02 12:58 - 2020-07-01 12:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-02 12:56 - 2020-03-28 11:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-02 12:56 - 2019-07-06 01:10 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-02-02 09:34 - 2019-03-18 23:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-02 09:28 - 2020-03-28 11:33 - 000000000 ____D C:\Users\lucil
2021-02-02 08:45 - 2019-10-10 02:22 - 000000000 ____D C:\Users\lucil\AppData\Local\Packages
2021-02-02 08:36 - 2020-03-27 08:44 - 000000000 ____D C:\WINDOWS\TempInst
2021-02-02 08:32 - 2019-11-08 10:38 - 000000000 ____D C:\BIOS
2021-02-02 08:26 - 2020-11-18 11:08 - 000003248 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-02-02 08:12 - 2019-07-06 01:16 - 000000000 ____D C:\ProgramData\McAfee
2021-01-31 11:53 - 2020-06-21 22:00 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-31 11:53 - 2020-06-21 22:00 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-31 11:53 - 2020-06-21 22:00 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-29 09:00 - 2020-03-28 11:43 - 000841376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 17:40 - 2021-01-04 10:54 - 000000000 ____D C:\ProgramData\scre..tion_b15b0581876c57b7_0014.0008_66db381fcb1b6383
2021-01-25 17:31 - 2021-01-04 10:53 - 000000000 ____D C:\Users\lucil\AppData\Local\Deployment
2021-01-22 16:58 - 2019-12-19 08:55 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 17:44 - 2019-10-10 02:22 - 000000000 ___RD C:\Users\lucil\3D Objects
2021-01-19 17:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-19 17:44 - 2018-09-19 13:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-19 17:42 - 2020-03-28 11:27 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-19 17:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-19 17:37 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 17:36 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-19 17:35 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-19 17:35 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-19 17:35 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-19 17:35 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-17 09:42 - 2020-06-21 22:00 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-17 09:42 - 2020-06-21 22:00 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-15 10:42 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 10:40 - 2019-10-09 14:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 10:38 - 2019-10-09 14:52 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 10:09 - 2020-03-28 11:30 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 14:32 - 2017-10-02 10:41 - 000628666 _____ C:\Users\lucil\Desktop\9x12.pdf
2021-01-11 21:13 - 2020-03-12 07:21 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-01-11 21:13 - 2020-03-12 07:21 - 000107952 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-01-11 21:13 - 2020-03-12 07:21 - 000061872 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-01-11 21:13 - 2019-07-06 00:32 - 000107952 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-01-08 12:53 - 2020-12-20 20:29 - 000000000 ____D C:\Users\lucil\Documents\Yamaro Chiropracrtic
2021-01-06 15:56 - 2020-04-01 18:50 - 000000000 ___HD C:\ProgramData\CyberLink
 
==================== Files in the root of some directories ========
 
2019-10-09 13:07 - 2021-02-03 18:30 - 000007778 _____ () C:\Users\lucil\AppData\Roaming\EZUser.ini
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by lucil (05-02-2021 10:42:49)
Running from C:\Users\lucil\Downloads
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-28 16:49:32)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3832506118-1344407595-661541514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3832506118-1344407595-661541514-503 - Limited - Disabled)
Guest (S-1-5-21-3832506118-1344407595-661541514-501 - Limited - Disabled)
lucil (S-1-5-21-3832506118-1344407595-661541514-1001 - Administrator - Enabled) => C:\Users\lucil
WDAGUtilityAccount (S-1-5-21-3832506118-1344407595-661541514-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0116.1242.22878 - Advanced Micro Devices, Inc.)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
eRad PACS Viewer (HKLM\...\{DC3738E0-E464-4613-A012-8A46C7038F94}) (Version: 7.2.236.5 - eRad, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft PowerPoint Viewer 97 (HKLM-x32\...\PPTView97) (Version:  - )
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{48CFCB4B-0488-4711-B54E-E8E3F5929166}) (Version: 8.2.929 - Softland)
OpalRAD Image Viewer (remove only) (HKLM-x32\...\OpalRAD Image Viewer) (Version:  - )
RingCentral Meetings (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\RingCentralMeetings) (Version: 20.2 - Zoom Video Communications, Inc. and RingCentral Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WE6.0 Pro (HKLM-x32\...\{6CA199AA-06F4-47E7-84D9-CBA8CD00E452}) (Version: 1.00.0000 - Spine Research Institute of San Diego)
Zoom (HKU\S-1-5-21-3832506118-1344407595-661541514-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
 
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2020-12-17] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-10-06] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20800.804.0_x64__rz1tebttyb220 [2020-12-17] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-20] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-10-09] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-07-28] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-07-22] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2020-08-14] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-29] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-01-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\lucil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2018-07-17 18:18 - 2018-07-17 18:18 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-07-17 18:18 - 2018-07-17 18:18 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-12-21 09:13 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2015-02-27 11:46 - 2015-02-27 11:46 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2020-06-19 19:47 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 001413120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-01-16 14:41 - 2019-01-16 14:41 - 005785088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 006304256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 076168704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 005591552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-07-17 18:18 - 2018-07-17 18:18 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-3832506118-1344407595-661541514-1001 -> DefaultScope {7FD36A9F-BD01-4C22-9722-796E55C8C2EB} URL = 
SearchScopes: HKU\S-1-5-21-3832506118-1344407595-661541514-1001 -> {7FD36A9F-BD01-4C22-9722-796E55C8C2EB} URL = 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3832506118-1344407595-661541514-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucil\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{AA64A18C-470F-467F-AD1E-38DA79CF25D9}] => (Allow) C:\Users\lucil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B100122C-03E4-4B3E-B66B-2D726EDEEFCC}] => (Allow) C:\Users\lucil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FAFE472-5931-41CB-977F-2DB75E722083}] => (Allow) LPort=3306
FirewallRules: [{3C3220C4-735D-48A4-A05D-53931E80F313}] => (Allow) LPort=443
FirewallRules: [{75929029-3A75-4E17-9FE7-51DF8DFF0E07}] => (Allow) LPort=21
FirewallRules: [{5D8404C6-3ECA-4511-8500-A10EAD6310A2}] => (Allow) LPort=20
FirewallRules: [{4E449D0D-1CF5-4E1A-B292-241F74621AE4}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\IUpdate.exe => No File
FirewallRules: [{7DC3AB2A-6161-41A3-B694-691F3398CB88}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Front.exe => No File
FirewallRules: [{3AC1031B-DE69-4FBC-BC79-9C9F02A15C8A}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Filing.exe => No File
FirewallRules: [{FD294432-3B7A-4872-808C-87698EBF7F52}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\EZTrans.exe => No File
FirewallRules: [{8325A831-8E24-4B08-9A7C-801C7DDB4AE2}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Delivery.exe => No File
FirewallRules: [{1009969F-C579-49C7-85C1-142736521EA5}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Check.exe => No File
FirewallRules: [{086C2CC4-8D1C-4D17-ADE1-ACF8094B7958}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\ApptRem.exe => No File
FirewallRules: [{6CC1BD00-CB99-462C-90EA-4BA89CF6A936}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File
FirewallRules: [{5060A085-8B99-4ECE-BF0C-49DC3F5A3AE6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8169F14C-7C4A-4434-87C0-E567DDDEB7C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3D113E24-BC20-4EC0-AF6D-422F877284A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0E553E28-1551-4E36-8867-4FB508FB1A4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B81ACCB3-3629-48AD-8961-B21200180812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{C8AE4689-3745-4233-8E0E-D3D606668082}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack 3\The Jackbox Party Pack 3.exe (Jackbox Games, Inc.) [File not signed]
FirewallRules: [{52087038-A9B6-4205-9FB2-182DF3CA15DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B0BC9C21-E046-4704-BA2A-74EE7E452E4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0B57CE5C-8ED2-4594-807A-ABC39DAFC4FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{60A49E99-DAA0-4F97-8889-B55DF57FEB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{4F1A8E62-0F68-4C09-8467-1C33CE08D33A}] => (Allow) LPort=8501
FirewallRules: [{9116D63C-B761-4EE3-B0A1-AA117F619910}] => (Allow) LPort=8501
FirewallRules: [{7D98B9EF-9FF1-43CB-B3DB-CA605D851130}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F91A7E3F-AD08-4AD2-874A-8D42C4CB4404}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D053EC3-BB23-4705-B7BC-CF8C6E9FDD12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5254277-0E32-4EC2-976C-44F2D80C7767}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69D9D43F-7438-4C23-98A2-E3EA8E8B50B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40E81EFF-8DA8-448A-A217-C8AA60CE5403}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AD2133B-045F-4B05-AD1B-299E8A7F6328}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E963F4F-FC89-4CB1-A5F6-2179F493804A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83C56827-30D5-4CC2-8C46-FBBADC2762FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FA222A8-05A0-4E4C-907F-CFFF01F8185B}] => (Allow) C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{087BD8F8-565E-4897-A25C-24664AAA2C67}] => (Allow) C:\Users\lucil\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{512F3F11-026B-4628-BAAA-A549E3177B42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13628.20274.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD456FC8-8A6C-4009-A227-0444BDC83778}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB7BEEB2-8E05-4594-9AA5-C94EB5C6FD49}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30443BBF-7AF4-46A2-856B-547AF9746AD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AA2803C-973C-40F6-8D6C-000EDA9AAFEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20936E79-C089-4BB4-8A6A-30BD8CB40841}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
22-01-2021 15:47:54 Scheduled Checkpoint
01-02-2021 10:28:22 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/05/2021 10:20:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15948,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/05/2021 09:22:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9072,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/05/2021 09:12:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (02/05/2021 08:38:05 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program WORD.EXE because of this error.
 
Program: WORD.EXE
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C00000BE
Disk type: 0
 
Error: (02/05/2021 08:38:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WORD.EXE, version: 0.0.0.0, time stamp: 0x59b318cc
Faulting module name: WORD.EXE, version: 0.0.0.0, time stamp: 0x59b318cc
Exception code: 0xc0000006
Fault offset: 0x0000ad26
Faulting process id: 0x3004
Faulting application start time: 0x01d6fa75800fcc05
Faulting application path: \\DESKTOP-HC3NRH3\EZBIS\WORD.EXE
Faulting module path: \\DESKTOP-HC3NRH3\EZBIS\WORD.EXE
Report Id: e985597a-49e8-4609-b991-4bf125dd1b64
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/05/2021 08:31:55 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program EZTRANS.EXE because of this error.
 
Program: EZTRANS.EXE
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C00000BE
Disk type: 0
 
Error: (02/05/2021 08:31:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EZTRANS.EXE, version: 0.0.0.0, time stamp: 0x59b319e6
Faulting module name: OLEAUT32.dll, version: 10.0.18362.1110, time stamp: 0xf7cff508
Exception code: 0xc0000006
Fault offset: 0x000149c0
Faulting process id: 0x2d0
Faulting application start time: 0x01d6fa75377b5e47
Faulting application path: \\DESKTOP-HC3NRH3\EZBIS\EZTRANS.EXE
Faulting module path: C:\WINDOWS\System32\OLEAUT32.dll
Report Id: 2d96b5e9-fc2b-48d3-84c7-a8f6b3a992c0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/05/2021 08:31:53 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program REPORT.EXE because of this error.
 
Program: REPORT.EXE
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C00000BE
Disk type: 0
 
 
System errors:
=============
Error: (02/05/2021 09:06:00 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/05/2021 08:20:26 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/04/2021 12:27:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/04/2021 08:36:56 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/03/2021 01:24:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: ApplicationSet-CFQ7TTC0K56C-Microsoft.Office.Desktop.
 
Error: (02/03/2021 12:31:44 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/03/2021 09:01:38 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (02/02/2021 01:26:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SC4SBHDD)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2021-02-05 09:16:39.777
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {48952407-D0B1-46C7-BCFE-D63363B5A1B6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-02-05 08:58:00.645
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C84A850A-DEE3-4314-9281-43E2CB1FBD14}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-02-03 14:58:03.745
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1CFC9842-0E12-4F4A-8388-CD45D9B297A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-02-01 09:26:52.025
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A4E83C06-EAEC-4F57-9D87-569AA6A95400}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-28 15:32:27.714
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1E986482-9489-4AFC-8F68-2BE39FA8DFE0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-22 15:06:30.638
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.2585.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-01-22 13:55:31.820
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.2585.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-01-07 08:04:53.582
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2021-01-07 08:04:53.581
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2021-01-07 08:04:53.580
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.1817.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2020-10-27 14:00:09.557
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:09.548
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:07.125
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:07.084
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:07.049
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:07.039
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:03.933
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-10-27 14:00:03.695
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
BIOS: LENOVO ARCN35WW 10/13/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 93%
Total physical RAM: 6020.26 MB
Available physical RAM: 420.71 MB
Total Virtual: 13188.26 MB
Available Virtual: 4207.18 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:856.68 GB) NTFS
 
\\?\Volume{d840036f-c4da-407b-9d04-5c1e7a4a4d63}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS
\\?\Volume{9e8cc00d-177e-43c3-87c1-ac9d2aea6ec4}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E5AAAE3)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts

Highlight the entire content of the quote box below.
 

Start::
CloseProcesses: 
FirewallRules: [{8FAFE472-5931-41CB-977F-2DB75E722083}] => (Allow) LPort=3306 
FirewallRules: [{3C3220C4-735D-48A4-A05D-53931E80F313}] => (Allow) LPort=443 
FirewallRules: [{75929029-3A75-4E17-9FE7-51DF8DFF0E07}] => (Allow) LPort=21 
FirewallRules: [{5D8404C6-3ECA-4511-8500-A10EAD6310A2}] => (Allow) LPort=20 
FirewallRules: [{4F1A8E62-0F68-4C09-8467-1C33CE08D33A}] => (Allow) LPort=8501 
FirewallRules: [{9116D63C-B761-4EE3-B0A1-AA117F619910}] => (Allow) LPort=8501 
FirewallRules: [{4E449D0D-1CF5-4E1A-B292-241F74621AE4}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\IUpdate.exe => No File 
FirewallRules: [{7DC3AB2A-6161-41A3-B694-691F3398CB88}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Front.exe => No File 
FirewallRules: [{3AC1031B-DE69-4FBC-BC79-9C9F02A15C8A}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Filing.exe => No File 
FirewallRules: [{FD294432-3B7A-4872-808C-87698EBF7F52}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\EZTrans.exe => No File 
FirewallRules: [{8325A831-8E24-4B08-9A7C-801C7DDB4AE2}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Delivery.exe => No File 
FirewallRules: [{1009969F-C579-49C7-85C1-142736521EA5}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Check.exe => No File 
FirewallRules: [{086C2CC4-8D1C-4D17-ADE1-ACF8094B7958}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\ApptRem.exe => No File 
FirewallRules: [{6CC1BD00-CB99-462C-90EA-4BA89CF6A936}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
CMD: SFC /ScanNow
EMPTYTEMP: 
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
  • Please copy and paste its contents in your next reply.
     
    Download AdwCleaner and save it to your desktop.
     
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
  • When the scan has finished a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

  • 0

#5
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Here's the Fixlog.  I didn't see in the directions to paste the lines you wanted copied into the search box in FRST.  I just simply pressed Fix, not really sure if it could just check what was copied onto the clipboard.  Just let me know if I need to redo it with pasting it in.  I'm so grateful you're helping me.  I'll post the next step in just a moment.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by lucil (06-02-2021 09:29:02) Run:1
Running from C:\Users\lucil\Downloads
Loaded Profiles: lucil
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses: 
FirewallRules: [{8FAFE472-5931-41CB-977F-2DB75E722083}] => (Allow) LPort=3306 
FirewallRules: [{3C3220C4-735D-48A4-A05D-53931E80F313}] => (Allow) LPort=443 
FirewallRules: [{75929029-3A75-4E17-9FE7-51DF8DFF0E07}] => (Allow) LPort=21 
FirewallRules: [{5D8404C6-3ECA-4511-8500-A10EAD6310A2}] => (Allow) LPort=20 
FirewallRules: [{4F1A8E62-0F68-4C09-8467-1C33CE08D33A}] => (Allow) LPort=8501 
FirewallRules: [{9116D63C-B761-4EE3-B0A1-AA117F619910}] => (Allow) LPort=8501 
FirewallRules: [{4E449D0D-1CF5-4E1A-B292-241F74621AE4}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\IUpdate.exe => No File 
FirewallRules: [{7DC3AB2A-6161-41A3-B694-691F3398CB88}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Front.exe => No File 
FirewallRules: [{3AC1031B-DE69-4FBC-BC79-9C9F02A15C8A}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Filing.exe => No File 
FirewallRules: [{FD294432-3B7A-4872-808C-87698EBF7F52}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\EZTrans.exe => No File 
FirewallRules: [{8325A831-8E24-4B08-9A7C-801C7DDB4AE2}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Delivery.exe => No File 
FirewallRules: [{1009969F-C579-49C7-85C1-142736521EA5}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\Check.exe => No File 
FirewallRules: [{086C2CC4-8D1C-4D17-ADE1-ACF8094B7958}] => (Allow) \\DESKTOP-HC3NRH3\EZBIS\Setup\..\ApptRem.exe => No File 
FirewallRules: [{6CC1BD00-CB99-462C-90EA-4BA89CF6A936}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File 
CMD: SFC /ScanNow
EMPTYTEMP: 
 
*****************
 
Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FAFE472-5931-41CB-977F-2DB75E722083}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C3220C4-735D-48A4-A05D-53931E80F313}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75929029-3A75-4E17-9FE7-51DF8DFF0E07}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D8404C6-3ECA-4511-8500-A10EAD6310A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F1A8E62-0F68-4C09-8467-1C33CE08D33A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9116D63C-B761-4EE3-B0A1-AA117F619910}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E449D0D-1CF5-4E1A-B292-241F74621AE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DC3AB2A-6161-41A3-B694-691F3398CB88}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AC1031B-DE69-4FBC-BC79-9C9F02A15C8A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD294432-3B7A-4872-808C-87698EBF7F52}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8325A831-8E24-4B08-9A7C-801C7DDB4AE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1009969F-C579-49C7-85C1-142736521EA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{086C2CC4-8D1C-4D17-ADE1-ACF8094B7958}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6CC1BD00-CB99-462C-90EA-4BA89CF6A936}" => removed successfully
 
========= SFC /ScanNow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29922706 B
Java, Flash, Steam htmlcache => 50288694 B
Windows/system/drivers => 2785058 B
Edge => 1479173 B
Chrome => 733532008 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 605124529 B
systemprofile32 => 605124529 B
LocalService => 605124529 B
NetworkService => 605863079 B
lucil => 640396249 B
 
RecycleBin => 1330727403 B
EmptyTemp: => 4.9 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 

==== End of Fixlog 09:46:42 ====  


  • 0

#6
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build:    01-20-2021
# Database: 2021-01-26.1 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-06-2021
# Duration: 00:00:28
# OS:       Windows 10 Home
# Scanned:  31956
# Detected: 6
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.Amigo              C:\Users\lucil\Desktop\Amigo
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Users\lucil\AppData\Local\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

  • 0

#7
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts

The Computer seems to be clean. No malware seems to be found, and the integrity of Windows Protected files is in place.

 

Is Explorer still crashing?


  • 0

#8
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

It still hangs up when I double click on a Microsoft Word file.  It says the not responding message at the top. Okay, I can now see I can open photos, PDF's, and notepad files.  It's a problem with Microsoft word files.  Thank you so much for taking the time to help me.


  • 0

#9
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

It still hangs up when I double click on a Microsoft Word file.  It says the not responding message at the top. Okay, I can now see I can open photos, PDF's, and notepad files.  It's a problem with Microsoft word files.  Thank you so much for taking the time to help me.


  • 0

#10
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts

I don't see Microsoft Office installed in the computer. What version are you running?


  • 0

Advertisements


#11
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts

If you have an older version, you may need to repair Microsoft Word. For example:

 

Open Word, Click on the Orb, then on Word Options -> Resources ->. Diagnose Word.


  • 0

#12
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

The version I have is 18.2008.12711.0 for office.  I'm going to see if I can open excel files as well.  I'll open word and the orb in just a moment.


  • 0

#13
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,422 posts
Keep me posted.
  • 0

#14
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Lol, shoot, I think I am having problems locating Word Diagnose.  When I pull up the options menu from the Word screen I can't see where to diagnose.  The menu is General, Display, Proofing, Save, Language, Ease of Access, Advanced, Customize Ribbon, Quick Access Toolbar, Add ins, and Trust Center.  I have tried to find it through google, but for some reason, I'm not figuring it out.


  • 0

#15
lucille123

lucille123

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Lol, shoot, I think I am having problems locating Word Diagnose.  When I pull up the options menu from the Word screen I can't see where to diagnose.  The menu is General, Display, Proofing, Save, Language, Ease of Access, Advanced, Customize Ribbon, Quick Access Toolbar, Add ins, and Trust Center.  I have tried to find it through google, but for some reason, I'm not figuring it out. I can see there's a tool to diagnose Office online for download.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP