For the last few years I have been having strange things happen on my computer. I believe someone might have put monitoring software on my computer back in the beginning of 2017. When I come in sometimes my computer will be signed out or shut down completely. My desktop will change at times. I can no longer access my event files on some things. I am not sure if Adobe software is able to backup but there was a time when I didn't have access to my files. I contacted Adobe and the sign-in didn't belong to me but someone else had paid for a pro subscription for my email. They released it but wouldn't tell me who had paid for it. I am hoping someone can verify if my files are somehow being backed up.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by Renee (administrator) on RENEE-DELL (Dell Inc. OptiPlex 3040) (13-05-2021 14:02:46)
Running from C:\Users\renee\Desktop
Loaded Profiles: VeriatoService & Renee & SQLTELEMETRY$VERIATO360
Platform: Windows 10 Pro Version 2004 19041.928 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A. & M. Neuber Software -> Neuber Software - www.neuber.com) C:\Program Files (x86)\Security Task Manager\SpyProtector.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(ConnectWise, LLC -> ) C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.ClientService.exe
(ConnectWise, LLC -> ScreenConnect Software) C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.WindowsClient.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\agentcore\platform-agent-core.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\agentmanager\platform-agent-manager.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\plugin\eventlog\platform-eventlog-plugin.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\plugin\sysevents\platform-sysevents-plugin.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Service LLC.) C:\Program Files (x86)\SAAZOD\SAAZScheduler.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZDPMACTL.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZServerPlus.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZWatchDog.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\zRealTime\SAAZappr.exe
(Continuum Managed Solutions Pvt. Ltd. -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\zRealTime\rtHlpDk.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Dell Inc. -> Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(FLEXquarters.com Limited -> FLEXquarters.com Limited) C:\Program Files (x86)\QODBC Driver for QuickBooks\QRemote\Server\QRemoteServer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHeciSvc.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.Application.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wksprt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Deployment Manager\Veriato360.Deployment.Manager.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Deployment\Veriato360.Deployment.Dispatcher.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\ExchangeRecorder\ExchangeRecorder.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Notification Services\Veriato360.Notification.Services.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Scheduler\Veriato360.Scheduling.SchedulerService.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Service\Veriato360.Windows.Services.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\SignalR\SignalRService.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\WebUIDataService\WebUIDataServiceHost.exe
(Webroot Inc. -> Webroot) C:\Program Files (x86)\Webroot\WRSA.exe <2>
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRCoreService.x64.exe
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRSkyClient.x64.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
Failed to access process -> explorer.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-29] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [456904 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230296 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [4918152 2020-12-09] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172264 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-10-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2019-06-27] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Spy Protector] => C:\Program Files (x86)\Security Task Manager\SpyProtector.exe [145280 2018-10-19] (A. & M. Neuber Software -> Neuber Software - www.neuber.com)
HKLM-x32\...\Run: [QRemoteServer] => C:\Program Files (x86)\QODBC Driver for QuickBooks\QRemote\Server\QRemoteServer.exe [1412120 2021-01-18] (FLEXquarters.com Limited -> FLEXquarters.com Limited)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [OffCAT] => C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corporation -> Microsoft Corp.)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [com.squirrel.Teams.Teams] => C:\Users\renee\AppData\Local\Microsoft\Teams\Update.exe [1780096 2019-04-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [12684224 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5536424 2021-03-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [Zoom] => [X]
HKLM\...\Windows x64\Print Processors\DELG1PC: C:\Windows\System32\spool\prtprocs\x64\DELG1pc.dll [33792 2008-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\dellopd: C:\Windows\System32\spool\prtprocs\x64\dellopd.ppr.dll [202512 2019-03-21] (Dell Inc. -> DELL)
HKLM\...\Windows x64\Print Processors\LogMeIn Print Processor: C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll [60416 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\C287SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXWJ_L.DLL [25568 2017-11-14] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\DELG1 Langmon: C:\WINDOWS\system32\DELG1L6.DLL [27648 2008-08-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\LogMeIn Printer Port Monitor: C:\WINDOWS\system32\LMIport.dll [35328 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5de81d42-ce2b-4a7e-b1b7-1312fa11c82b}] -> C:\WINDOWS\system32\GoToAssistUnlock64.dll [2020-12-28] (LogMeIn, Inc. -> )
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\WINDOWS\system32\LMIinit.dll [2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2021-01-12]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2021-01-12]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk [2021-01-12]
ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit, Inc. -> Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2021-01-12]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2019-10-30]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk [2019-10-29]
ShortcutTarget: SOLIDWORKS Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cricut Taskbar Application.lnk [2019-12-13]
ShortcutTarget: Cricut Taskbar Application.lnk -> C:\Users\renee\AppData\Roaming\Cricut Design Space\Web\taskbar-application-win32\Release\CricutTaskbarApplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15B19E85-1801-4D6B-9583-53682627A21A} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\
[email protected]\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {1D926214-ACDB-4452-A6A4-F52F77752416} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {39956F82-1DF1-4A28-BD0B-ED98904C05E5} - System32\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158 => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {416749ED-BFA1-45FB-8529-59093616CDA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {44C87797-69B0-4F3D-A92D-8506EFC3FBE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-29] (Google Inc -> Google Inc.)
Task: {4C3212A7-F25F-4020-AE1E-99DCD3EAC401} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {51871BD7-336A-4E74-901C-82B36C58B3C9} - System32\Tasks\WD Device Agent Task renee => C:\Users\renee\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [720432 2019-09-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {6224818E-ED48-4DE8-BFA2-01DB78D11CB9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {62735B0B-529C-486D-857C-A5916929A368} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {657E4C83-D8E1-47CA-8654-60AA343E2B5A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66B7BB76-D486-410E-9F6D-BF6CAC039522} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382792 2021-04-10] (Intuit, Inc. -> Intuit Inc.)
"C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" could not be unlocked. <==== ATTENTION
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot
Task: {74D6F9D5-864B-4F72-9A4D-9F9C110EED1D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145792 2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {788EA99C-EE1C-4587-906E-CF5A18A91E63} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {7C37926F-1066-4449-B06F-37771F527516} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7DF4434F-88F1-4AEC-A8A0-CC1A3B9595DD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8483C8F9-463E-4EB9-ADB6-BABAE6494532} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A84A87D-9AC1-446D-BF52-554B88ED1CC9} - System32\Tasks\WD Discovery Service Task renee => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-10-26] (Western Digital Technologies, Inc. -> )
Task: {8B4E0E71-581D-4B6C-9B22-1A97AE46DC75} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\
[email protected]\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {8DBE5E22-ACA7-4B71-8FBE-2A23FFE515F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E1DE0A6-6A49-4826-83AD-F0F318D9E038} - System32\Tasks\PlasmaCAM-VM-Renee => C:\Program Files (x86)\PlasmaCAM\Video Manual\Vhelp.exe [659456 2019-03-06] () [File not signed]
Task: {A2968C3A-D933-4BD1-BB70-CB3F60B76E51} - System32\Tasks\WD Device Agent Task jenny => C:\Users\Jenny\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe
Task: {A37EAF6B-71DA-4768-99D3-1D1DED0A3601} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436696 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {ABFDB7DF-2AD8-4CF0-91C6-2917E81BBCD4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {AFD6BB01-8980-4BB7-AE89-81C85F673D87} - System32\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158 => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF705969-9A18-4F4A-B19A-CBBA315E6DCC} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\
[email protected]\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {C68E60DF-54F3-4C4F-9342-B26B74E13275} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-29] (Google Inc -> Google Inc.)
Task: {C8822FC4-3B77-4A18-A7AD-1E04B3B76D07} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3499888 2019-03-11] (Easeware Technology Limited -> Easeware)
Task: {D1824BC0-DEB4-4DA5-AA93-CDE2BF71F76C} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DB41133B-BDF7-40E2-A413-AC5128EB8671} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DC8E9933-A33E-4541-9702-54ED7630B34F} - System32\Tasks\EPSON ES-50 Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2019-01-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {EEA3C3B3-02DA-4DAF-A5AE-0DEAB32DE94D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145792 2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9715B59-7832-461D-A1CE-CC7E1C0066D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON ES-50 Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe./EXE_S:EPSON ES-50,ES017E.DAT /F:UpdateIMFINC\reneeĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.16.10
Tcpip\..\Interfaces\{e0559567-d1ac-45fc-ad7a-7f58dd15c45c}: [DhcpNameServer] 192.168.16.10
Edge:
=======
DownloadDir: C:\Users\renee\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\renee\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-13]
Edge Extension: (Web Threat Shield) - C:\Users\renee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkaflbamgddpjacdmjlkhbnpnlemaea [2021-04-26]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2017-08-11] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2017-08-11] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2018-06-23] (Glance Networks Inc -> Glance Networks, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-13]
CHR Extension: (Slides) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Docs) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Google Drive) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Sheets) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Google Docs Offline) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-26]
CHR Extension: (Gmail) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-18]
CHR Extension: (Slides) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-13]
CHR Extension: (Docs) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-13]
CHR Extension: (Google Drive) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-13]
CHR Extension: (Adobe Acrobat) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Sheets) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-30]
CHR HKLM\...\Chrome\Extension: [gemcaenpcldkhfkohjjkfgfopgghpkng]
CHR HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gemcaenpcldkhfkohjjkfgfopgghpkng]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BootstrapService; C:\WINDOWS\InstallerService.exe [1449472 2020-11-25] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc. -> Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [10570704 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-05-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2017-08-11] (Intel® Software Development Products -> Intel Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 ITSPlatform; C:\Program Files (x86)\ITSPlatform\agentcore\platform-agent-core.exe [13882256 2021-04-26] (CONTINUUM MANAGED SERVICES, LLC -> )
R2 ITSPlatformManager; C:\Program Files (x86)\ITSPlatform\agentmanager\platform-agent-manager.exe [8839048 2020-09-21] (CONTINUUM MANAGED SERVICES, LLC -> )
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [420048 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [583888 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlservr.exe [392384 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2020-12-06] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1537536 2020-12-06] (Intuit Inc.) [File not signed]
R2 QBWCMonitor; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe [40784 2021-04-09] (Intuit, Inc. -> )
S4 QuickBooksDB31; C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe [127816 2021-04-10] (Intuit, Inc. -> SAP SE or an SAP affiliate company)
R2 SAAZappr; C:\Program Files (x86)\SAAZOD\zRealTime\SAAZappr.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
S4 SAAZapsc; C:\Program Files (x86)\SAAZOD\zRealTime\SAAZapsc.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 SAAZDPMACTL; C:\Program Files (x86)\SAAZOD\SAAZDPMACTL.exe [95112 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
S4 SAAZRemoteSupport; C:\Program Files (x86)\SAAZOD\SAAZRemoteSupport.exe [86960 2017-02-10] (Continuum Managed Solutions Pvt. Ltd. -> Continuum Managed Services LLC.)
R2 SAAZScheduler; C:\Program Files (x86)\SAAZOD\SAAZScheduler.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Service LLC.)
R2 SAAZServerPlus; C:\Program Files (x86)\SAAZOD\SAAZServerPlus.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 SAAZWatchDog; C:\Program Files (x86)\SAAZOD\SAAZWatchDog.exe [95112 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 ScreenConnect Client (15747732edbf6a63); C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.ClientService.exe [90736 2021-04-27] (ConnectWise, LLC -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-10-30] (SolidWorks) [File not signed]
S2 SQLAgent$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\SQLAGENT.EXE [565952 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlceip.exe [198848 2016-04-30] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-10-24] (Dell Inc. -> Dell Inc.)
R2 SWVisualize2017.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [26008 2017-08-11] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 Veriato360Deployment; C:\Program Files\Veriato\Deployment\Veriato360.Deployment.Dispatcher.exe [17408 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360DeploymentManager; C:\Program Files\Veriato\Deployment Manager\Veriato360.Deployment.Manager.exe [19968 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360NotificationServices; C:\Program Files\Veriato\Notification Services\Veriato360.Notification.Services.exe [15872 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360SchedulerService; C:\Program Files\Veriato\Scheduler\Veriato360.Scheduling.SchedulerService.exe [23552 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360Service; C:\Program Files\Veriato\Service\Veriato360.Windows.Services.exe [11264 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoExchangeRecorder; C:\Program Files\Veriato\ExchangeRecorder\ExchangeRecorder.exe [148480 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoSignalR; C:\Program Files\Veriato\SignalR\SignalRService.exe [7168 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoWebUIDataService; C:\Program Files\Veriato\WebUIDataService\WebUIDataServiceHost.exe [8192 2018-04-20] (Veriato, Inc.) [File not signed]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [367232 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [2037856 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R3 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3002624 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [4918152 2020-12-09] (Webroot Inc. -> Webroot)
S4 zEvtSVC; C:\Program Files (x86)\SAAZOD\zSCC\zEvtSVC.exe [1655176 2019-10-15] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC)
S4 QuickBooksDB28; C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 18.0\QBDBMgrN.exe -hvQuickBooksDB28 [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32952 2016-10-13] (Techporch Incorporated -> Dell Computer Corporation)
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-04] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2016-12-21] (Apple Inc.) [File not signed]
S4 RsFx0401; C:\WINDOWS\System32\DRIVERS\RsFx0401.sys [260816 2016-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S0 WRBoot; C:\WINDOWS\System32\drivers\WRBoot.sys [15792 2020-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> )
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [268720 2020-06-15] (Webroot Inc. -> Webroot, Inc.)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [149224 2020-02-18] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [58304 2020-06-03] (Webroot, Inc -> Webroot)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-13 13:09 - 2021-05-13 13:09 - 000000000 ____D C:\Users\renee\Desktop\FRST-OlderVersion
2021-05-13 12:11 - 2021-05-13 12:51 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\system32\es
2021-05-12 16:10 - 2021-05-13 13:21 - 000078647 _____ C:\Users\renee\Desktop\Addition.txt
2021-05-12 16:02 - 2021-05-13 14:04 - 000047554 _____ C:\Users\renee\Desktop\FRST.txt
2021-05-12 16:00 - 2021-05-12 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-05-12 15:58 - 2021-05-13 14:03 - 000000000 ____D C:\FRST
2021-05-12 15:58 - 2021-05-13 13:09 - 002299392 _____ (Farbar) C:\Users\renee\Desktop\FRST64.exe
2021-05-12 15:36 - 2021-05-12 15:36 - 000001631 _____ C:\Users\renee\Documents\wordConfigSummary.txt
2021-05-12 15:29 - 2021-05-12 15:29 - 000187492 _____ C:\Users\renee\Documents\wordGpResult.htm
2021-05-12 15:29 - 2021-05-12 15:29 - 000001631 _____ C:\Users\renee\Documents\ConfigSummaryword.txt
2021-05-12 14:30 - 2021-05-13 12:22 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-1158
2021-05-12 14:29 - 2021-05-12 14:29 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-05-12 14:28 - 2021-05-12 14:28 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-12 14:27 - 2021-05-12 14:28 - 031774960 _____ C:\Users\renee\Documents\HKCUOffice.reg
2021-05-12 14:27 - 2021-05-12 14:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-05-12 14:15 - 2021-05-12 14:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-12 14:15 - 2021-05-12 14:15 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-05-12 13:33 - 2021-05-12 13:33 - 000008293 _____ C:\Users\renee\Documents\Assoc.txt
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-05-11 10:12 - 2021-05-11 10:12 - 014486872 _____ (Glance Networks, Inc.) C:\Users\renee\Downloads\GlanceGuestSetup_4.17.1 (1).exe
2021-05-10 15:08 - 2021-05-10 15:10 - 612188160 _____ C:\Users\renee\Desktop\Industrial Metal Fabrication, Inc (Backup May 10,2021 03 08 PM).QBB
2021-05-10 12:02 - 2021-05-10 12:02 - 000194864 _____ C:\Users\renee\Documents\SBDC ResponseSummary.pdf
2021-05-10 12:01 - 2021-05-10 12:01 - 000189918 _____ C:\Users\renee\Downloads\ResponseSummary.pdf
2021-05-10 11:06 - 2021-05-10 11:06 - 000000520 _____ C:\Users\renee\Desktop\Microsoft Support and Recovery Assistant.appref-ms
2021-05-10 11:06 - 2021-05-10 11:06 - 000000000 ____D C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2021-05-10 11:06 - 2021-05-10 11:06 - 000000000 ____D C:\Users\renee\AppData\Local\SaRALogs
2021-05-10 11:05 - 2021-05-13 13:00 - 000000000 ____D C:\Users\renee\AppData\Local\Deployment
2021-05-06 13:35 - 2021-05-06 13:35 - 000898242 _____ C:\WINDOWS\system32\perfh00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000346834 _____ C:\WINDOWS\system32\perfi00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000199438 _____ C:\WINDOWS\system32\perfc00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000043954 _____ C:\WINDOWS\system32\perfd00A.dat
2021-05-04 10:27 - 2021-05-04 10:27 - 000000000 ____D C:\Users\renee\Documents\User cwnoc
2021-04-29 08:51 - 2021-04-29 08:51 - 000064258 _____ C:\Users\renee\Desktop\NoteBalanceReport_PDF20210429.pdf
2021-04-29 06:59 - 2021-04-29 06:59 - 000000000 ____D C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)
2021-04-28 09:53 - 2021-05-07 14:42 - 000000000 ____D C:\Users\renee\Documents\Budgeting Class
2021-04-26 09:58 - 2015-04-22 10:06 - 000060588 _____ C:\Users\renee\Downloads\results.xsl
2021-04-25 05:05 - 2021-04-25 05:05 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\D3DSCache
2021-04-25 04:46 - 2021-04-25 04:46 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Comms
2021-04-25 04:45 - 2021-04-25 04:45 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\ElevatedDiagnostics
2021-04-25 04:43 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\LocalLow\Adobe
2021-04-25 04:41 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Adobe
2021-04-25 04:32 - 2021-04-25 04:33 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-3170
2021-04-25 04:32 - 2021-04-25 04:33 - 000000000 ___RD C:\Users\NOC_HelpDesk\OneDrive
2021-04-25 04:30 - 2021-04-25 04:31 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\PlaceholderTileLogoFolder
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\QODBC Driver for QuickBooks
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Epson
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Publishers
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\LogMeIn
2021-04-25 04:29 - 2021-04-25 04:48 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Packages
2021-04-25 04:29 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Adobe
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\VirtualStore
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Intuit
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Intel
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 __SHD C:\Users\NOC_HelpDesk\IntelGraphicsProfiles
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ___RD C:\Users\NOC_HelpDesk\3D Objects
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\LocalLow\Intel
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Google
2021-04-25 04:28 - 2021-04-25 04:33 - 000002432 _____ C:\Users\NOC_HelpDesk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-25 04:28 - 2021-04-25 04:32 - 000000000 ____D C:\Users\NOC_HelpDesk
2021-04-25 04:28 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\ConnectedDevicesPlatform
2021-04-25 04:28 - 2021-04-25 04:28 - 000000020 ___SH C:\Users\NOC_HelpDesk\ntuser.ini
2021-04-25 04:28 - 2021-04-25 04:28 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Windows Small Business Server
2021-04-25 04:28 - 2018-01-25 23:35 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Microsoft Help
2021-04-22 13:30 - 2021-04-22 13:30 - 000000000 ____D C:\Users\renee\Desktop\bartender template
2021-04-22 13:29 - 2021-04-22 13:29 - 001436351 _____ C:\Users\renee\Desktop\bartender template.zip
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Roaming\Autodesk
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Local\D3DSCache
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Autodesk
2021-04-22 08:37 - 2021-04-22 08:37 - 000000000 ____D C:\Users\Jimmy\AppData\Roaming\QODBC Driver for QuickBooks
2021-04-22 08:36 - 2021-04-22 08:36 - 000000000 ____D C:\Users\Jimmy\AppData\LocalLow\Intel
2021-04-20 16:27 - 2021-04-21 09:50 - 000011354 _____ C:\Users\renee\Desktop\RTO Labor Quotes and Actuals.xlsx
2021-04-20 15:07 - 2021-04-20 15:07 - 000015702 _____ C:\Users\renee\Downloads\profit-loss template - Copy (1).xlsx
2021-04-20 15:06 - 2021-04-20 15:06 - 000015702 _____ C:\Users\renee\Downloads\profit-loss template - Copy.xlsx
2021-04-20 09:19 - 2021-05-08 10:52 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-20 09:19 - 2021-05-08 10:52 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-20 09:19 - 2021-05-08 10:52 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-19 17:03 - 2021-04-19 17:03 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-19 17:03 - 2021-04-19 17:03 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-19 17:03 - 2021-04-19 17:03 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-19 17:03 - 2021-04-19 17:03 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-04-19 17:03 - 2021-04-19 17:03 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-19 17:02 - 2021-04-19 17:02 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-19 17:02 - 2021-04-19 17:02 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-19 17:02 - 2021-04-19 17:02 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-19 17:02 - 2021-04-19 17:02 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-19 17:02 - 2021-04-19 17:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-19 17:02 - 2021-04-19 17:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-19 17:02 - 2021-04-19 17:02 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-19 17:01 - 2021-04-19 17:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-19 17:01 - 2021-04-19 17:01 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-19 17:01 - 2021-04-19 17:01 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-19 17:01 - 2021-04-19 17:01 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-19 17:01 - 2021-04-19 17:01 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-19 17:00 - 2021-04-19 17:00 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-19 17:00 - 2021-04-19 17:00 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-19 17:00 - 2021-04-19 17:00 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-19 17:00 - 2021-04-19 17:00 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-19 17:00 - 2021-04-19 17:00 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-19 17:00 - 2021-04-19 17:00 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-19 16:59 - 2021-04-19 16:59 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-19 16:59 - 2021-04-19 16:59 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-19 16:59 - 2021-04-19 16:59 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-19 16:58 - 2021-04-19 16:58 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-19 16:58 - 2021-04-19 16:58 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-19 16:58 - 2021-04-19 16:58 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-19 16:56 - 2021-04-19 16:56 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-19 16:56 - 2021-04-19 16:56 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-19 16:56 - 2021-04-19 16:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-19 16:56 - 2021-04-19 16:56 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-19 16:55 - 2021-04-19 16:55 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-19 16:54 - 2021-04-19 16:54 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-19 16:54 - 2021-04-19 16:54 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-19 16:53 - 2021-04-19 16:53 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-19 16:53 - 2021-04-19 16:53 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-19 16:53 - 2021-04-19 16:53 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-19 16:53 - 2021-04-19 16:53 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-19 16:52 - 2021-04-19 16:52 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-19 16:52 - 2021-04-19 16:52 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-19 16:51 - 2021-04-19 16:51 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-19 16:51 - 2021-04-19 16:51 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-19 16:50 - 2021-04-19 16:50 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-19 16:50 - 2021-04-19 16:50 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-19 16:49 - 2021-04-19 16:49 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-19 16:49 - 2021-04-19 16:49 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-19 16:49 - 2021-04-19 16:49 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-19 16:48 - 2021-04-19 16:48 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-19 16:48 - 2021-04-19 16:48 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-19 16:48 - 2021-04-19 16:48 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-19 16:02 - 2021-04-19 16:02 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-19 15:59 - 2020-04-27 22:44 - 000143160 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 001785712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-19 15:59 - 2020-04-27 22:43 - 001376328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-19 15:59 - 2020-04-27 22:43 - 001095280 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000955000 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000437568 _____ C:\WINDOWS\system32\ze_loader.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000163592 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000138344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000128336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000112976 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-19 15:59 - 2020-04-27 22:42 - 000292672 _____ C:\WINDOWS\system32\igfxCPL.cpl
2021-04-13 15:32 - 2021-04-13 15:32 - 000000000 ____D C:\Users\renee\Downloads\New folder
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-13 14:04 - 2018-01-19 11:25 - 000000000 ____D C:\Program Files (x86)\SAAZOD
2021-05-13 13:15 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 13:15 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-13 13:14 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-13 13:09 - 2017-05-02 14:37 - 000000000 ____D C:\Users\renee\Documents\Outlook Files
2021-05-13 12:59 - 2019-07-30 15:32 - 000000000 ____D C:\Users\renee\AppData\Local\CrashDumps
2021-05-13 12:55 - 2018-01-19 11:38 - 000001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2021-05-13 12:54 - 2019-10-23 14:31 - 000002136 _____ C:\Users\renee\Desktop\IMF Data.lnk
2021-05-13 12:54 - 2017-03-10 15:52 - 000000000 __SHD C:\Users\renee\IntelGraphicsProfiles
2021-05-13 12:53 - 2018-01-19 11:36 - 000270680 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2021-05-13 12:53 - 2018-01-19 11:36 - 000225736 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2021-05-13 12:53 - 2018-01-19 11:36 - 000000000 ____D C:\ProgramData\WRData
2021-05-13 12:52 - 2020-11-30 01:01 - 000000000 ____D C:\ProgramData\ScreenConnect Client (15747732edbf6a63)
2021-05-13 12:52 - 2020-08-31 14:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 12:52 - 2017-03-10 15:16 - 000000120 _____ C:\WINDOWS\system32\config\netlogon.ftl
2021-05-13 12:52 - 2017-01-12 20:34 - 000000000 ____D C:\Intel
2021-05-13 12:51 - 2019-12-07 04:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 12:22 - 2020-08-31 13:16 - 000002411 _____ C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 12:22 - 2017-03-10 15:53 - 000000000 ___RD C:\Users\renee\OneDrive
2021-05-13 11:52 - 2019-10-01 08:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-13 11:52 - 2019-10-01 08:25 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-13 11:25 - 2020-08-31 14:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-13 11:12 - 2020-08-31 13:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-13 10:50 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 10:39 - 2018-01-26 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 10:29 - 2018-01-26 00:05 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 00:52 - 2017-03-10 15:17 - 000043446 __RSH C:\ProgramData\ntuser.pol
2021-05-13 00:30 - 2020-08-31 13:16 - 000000000 ____D C:\Users\renee
2021-05-13 00:26 - 2020-08-31 13:12 - 001406160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-13 00:22 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 00:19 - 2018-01-19 11:27 - 000001312 _____ C:\WINDOWS\SysWOW64\ipstuffNew.txt
2021-05-13 00:05 - 2018-01-19 11:38 - 000000000 ____D C:\ProgramData\LogMeIn
2021-05-12 21:42 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\security
2021-05-12 16:14 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-12 16:01 - 2018-12-28 13:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-12 15:08 - 2018-01-29 15:29 - 000000000 ____D C:\Users\renee\AppData\Local\Packages
2021-05-12 14:52 - 2017-03-10 15:52 - 000000000 ____D C:\Users\renee\AppData\Local\ConnectedDevicesPlatform
2021-05-12 14:28 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-12 14:01 - 2018-12-28 13:49 - 000000000 ____D C:\Users\renee\AppData\Local\Dropbox
2021-05-12 13:48 - 2018-12-28 13:53 - 000000000 ___RD C:\Users\renee\Dropbox
2021-05-12 13:32 - 2019-07-23 19:11 - 000000753 _____ C:\Users\renee\Documents\ConfigSummary.txt
2021-05-11 18:14 - 2018-01-09 13:57 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 18:14 - 2018-01-09 13:57 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 18:14 - 2018-01-09 13:57 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-11 15:54 - 2018-09-26 15:07 - 000002240 ____H C:\Users\renee\Documents\Default.rdp
2021-05-11 12:02 - 2018-02-09 13:01 - 000000000 ____D C:\Users\renee\AppData\Local\Glance
2021-05-11 10:13 - 2018-09-28 12:28 - 000000000 ____D C:\Program Files (x86)\GlanceGuest
2021-05-10 11:24 - 2016-07-16 06:47 - 000000131 _____ C:\WINDOWS\win.ini
2021-05-06 00:37 - 2018-12-28 13:49 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-06 00:37 - 2018-12-28 13:49 - 000000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-04 19:51 - 2020-08-31 14:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-04 19:51 - 2020-08-31 14:11 - 000003748 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-04 12:15 - 2018-01-10 09:21 - 000000000 ____D C:\ProgramData\SecTaskMan
2021-05-02 18:02 - 2017-03-22 09:50 - 000000000 ____D C:\ProgramData\Intuit
2021-05-01 00:37 - 2020-08-31 13:16 - 000000000 ____D C:\Users\VeriatoService
2021-05-01 00:37 - 2020-08-31 13:16 - 000000000 ____D C:\Users\SQLTELEMETRY$VERIATO360
2021-04-29 01:14 - 2021-01-23 01:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-27 08:29 - 2017-03-22 09:50 - 000000111 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2021-04-27 08:26 - 2018-08-22 10:01 - 000000000 ____D C:\Users\renee\AppData\Roaming\QuickBooks
2021-04-25 19:45 - 2021-04-04 05:39 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 19:45 - 2021-04-04 05:39 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-25 04:46 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-25 04:30 - 2018-01-19 11:33 - 000000000 ____D C:\ProgramData\SAAZOD
2021-04-25 04:29 - 2017-01-12 21:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-23 23:25 - 2020-10-09 12:20 - 000002136 _____ C:\Users\Jimmy\Desktop\IMF Data.lnk
2021-04-23 08:38 - 2020-08-31 14:11 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-1146
2021-04-23 08:38 - 2020-08-31 13:16 - 000002411 _____ C:\Users\Jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-23 08:38 - 2018-07-10 10:16 - 000000000 ___RD C:\Users\Jimmy\OneDrive
2021-04-22 08:44 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Google
2021-04-22 08:43 - 2019-10-29 12:32 - 000002280 _____ C:\Users\Public\Desktop\DWG TrueView 2020 - English.lnk
2021-04-22 08:43 - 2019-10-29 12:32 - 000002280 _____ C:\ProgramData\Desktop\DWG TrueView 2020 - English.lnk
2021-04-22 08:43 - 2019-10-29 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2020 - English
2021-04-22 08:43 - 2019-10-29 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-04-22 08:39 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Packages
2021-04-22 08:35 - 2018-07-10 10:14 - 000000000 __SHD C:\Users\Jimmy\IntelGraphicsProfiles
2021-04-22 08:35 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Intuit
2021-04-22 00:53 - 2020-08-31 13:34 - 002098286 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-20 19:08 - 2020-08-31 14:11 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 19:08 - 2020-08-31 14:11 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 17:20 - 2019-07-30 12:46 - 000000000 ____D C:\Users\renee\AppData\Local\DisplayFusion
2021-04-19 17:18 - 2019-12-07 04:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-19 17:13 - 2019-12-07 04:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-19 17:13 - 2019-12-07 04:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-19 16:47 - 2020-08-31 13:17 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-14 11:43 - 2021-04-05 09:40 - 000000000 ____D C:\Users\QBDataServiceUser31.RENEE-DELL
2021-04-13 11:43 - 2017-03-22 09:54 - 000000000 ____D C:\Users\renee\AppData\Local\Intuit
2021-04-13 11:37 - 2019-01-15 13:56 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job
2021-04-13 11:37 - 2019-01-15 13:56 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job
==================== Files in the root of some directories ========
2017-12-14 10:02 - 2017-12-14 10:02 - 000003774 _____ () C:\Program Files (x86)\desktop.ico
2018-01-19 11:33 - 2018-01-19 11:33 - 000000007 _____ () C:\Program Files (x86)\zsccVerWPStatus.txt
2021-01-12 10:14 - 2021-01-12 10:15 - 000040150 _____ () C:\Users\renee\AppData\Roaming\QBFileDrTool.log
2021-01-14 16:47 - 2021-01-14 16:52 - 000059705 _____ () C:\Users\renee\AppData\Roaming\QBFileDrTool_RENEE-DELL.log
2017-12-01 10:49 - 2017-12-11 12:08 - 000000149 _____ () C:\Users\renee\AppData\Roaming\WB.CFG
2019-04-16 18:13 - 2019-04-16 18:13 - 000284653 _____ () C:\Users\renee\AppData\Local\ClaPyncR
2018-01-29 17:36 - 2018-01-29 17:36 - 000000052 _____ () C:\Users\renee\AppData\Local\ClaPyncRAj
2019-08-20 11:30 - 2019-12-06 16:20 - 000010240 _____ () C:\Users\renee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-26 09:18 - 2018-09-26 09:18 - 000000000 _____ () C:\Users\renee\AppData\Local\oobelibMkey.log
2017-10-25 14:48 - 2019-09-05 11:41 - 000007602 _____ () C:\Users\renee\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by Renee (13-05-2021 14:08:08)
Running from C:\Users\renee\Desktop
Windows 10 Pro Version 2004 19041.928 (X64) (2020-08-31 19:12:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1037252052-873270737-574051151-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1037252052-873270737-574051151-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1037252052-873270737-574051151-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1037252052-873270737-574051151-501 - Limited - Disabled)
QBDataServiceUser28 (S-1-5-21-1037252052-873270737-574051151-1008 - Limited - Enabled) => C:\Users\QBDataServiceUser28
QBDataServiceUser31 (S-1-5-21-1037252052-873270737-574051151-1011 - Limited - Enabled) => C:\Users\QBDataServiceUser31.RENEE-DELL
Remote Support (S-1-5-21-1037252052-873270737-574051151-1009 - Administrator - Enabled) => C:\Users\Remote Support
VeriatoService (S-1-5-21-1037252052-873270737-574051151-1005 - Limited - Enabled) => C:\Users\VeriatoService
WDAGUtilityAccount (S-1-5-21-1037252052-873270737-574051151-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {EA22F846-E33A-0128-9418-185509C86920}
AV: Webroot SecureAnywhere (Enabled - Up to date) {DF901FA1-F926-253B-C464-B01C79DCAD48}
AV: Webroot SecureAnywhere (Enabled - Up to date) {A16A5B28-D1C0-417E-771B-123558EECC69}
AS: Webroot SecureAnywhere (Enabled - Up to date) {64F1FE45-DF1C-2AB5-FED4-8B6E025BE7F5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_1) (Version: 24.0.1 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_0) (Version: 3.0 - Adobe Systems Incorporated)
Autodesk Design Review (HKLM-x32\...\Autodesk Design Review) (Version: 14.0.0.177 - Autodesk)
Autodesk DWG TrueView 2020 - English (HKLM\...\DWG TrueView 2020 - English) (Version: 23.1.48.0 - Autodesk)
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2016 (HKLM-x32\...\{5B860485-0F07-41DC-BA8C-3A839A141FBA}) (Version: 13.0.1601.5 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ActiveTouchMeetingClient) (Version: - Cisco Webex LLC)
ClipGrab 3.8.11 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project)
Core (HKLM\...\{48CD9577-944F-496C-B8AE-F6150240C2D1}) (Version: 1.1.227 - Webroot) Hidden
Cricut Design Space (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\{113DD42F-AE80-489B-8F15-FB8499306C48}) (Version: 5.11.54 - Cricut, Inc.)
Cricut Design Space (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Cricut Design Space 4.6.4) (Version: 4.6.4 - Cricut, Inc.)
Cricut Design Space Client (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Cricut Design Space Client) (Version: 5.8.1902.081258 - Provo Craft)
Critical Update for SQL Server 2016 MSVCRT Prerequisites (KB4019088) (64-bit) (HKLM\...\KB4019088) (Version: 13.0.1742.0 - Microsoft Corporation)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)
DisplayFusion 9.7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.7.1.0 - Binary Fortress Software)
Divar 2.30 PC Software (HKLM-x32\...\{EEC2E4A4-7E1B-11D6-B2AB-00508B911B9B}) (Version: 2.30 - Bosch Security Systems)
Driver Easy 5.6.9 (HKLM\...\DriverEasy_is1) (Version: 5.6.9 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
Epson ES Series User’s Guide (HKLM-x32\...\UsersGuideEpson ES Series User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Scan OCR Component Pro (HKLM-x32\...\{7C3DDC52-B63F-463D-B41E-9D619EF93823}) (Version: 1.0.7 - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{B9D455F0-E479-43BD-9401-C108D1AA46F9}) (Version: 3.5.4 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{2359E008-3C32-45B9-B984-39D46CDCA47B}) (Version: 4.6.0 - Seiko Epson Corporation)
GlanceGuest version 4.17.1.19 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.17.1.19 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
ITSPlatform (HKLM-x32\...\{1C78F4DD-ED19-4D76-A276-7038D66DA0C3}) (Version: 1.0.789 - ITSupport247)
ITSPlatform (HKLM-x32\...\{7ac03588-f73f-41c3-889e-7ef4cad3063d}) (Version: 1.0.789 - ITSupport247) Hidden
ITSupport247-DPMA (HKLM-x32\...\SAAZOD) (Version: 5.5.1 - ITSupport247)
LogMeIn (HKLM-x32\...\{4BA0A633-1A0C-4936-8BF5-9EA537E36BA8}) (Version: 4.1.9768 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.13127.21506 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Assessment and Planning Toolkit (HKLM-x32\...\{efc9da38-9049-44f6-a3da-f50e96eec31f}) (Version: 9.9.13.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{DB7B2107-C3C9-439E-BDA8-823CCC152977}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2016) (Version: - Microsoft Corporation)
Microsoft SQL Server 2016 Setup (English) (HKLM\...\{9916613E-6D6C-43B9-834F-91F438D4F403}) (Version: 13.0.1742.0 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM\...\{FE3BF1DD-677E-4793-9770-C07AECC88882}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{5084D16B-E1D2-4F25-8B86-A03B4F9E1A72}) (Version: 13.0.3225.4 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\0527a644a4ddd31d) (Version: 17.0.6523.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Teams) (Version: 1.2.00.3961 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2016 (HKLM\...\{3E013EB4-FF9E-4CCA-BAB6-318932614FAE}) (Version: 13.0.1601.5 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
PanelPilot ACE Design Studio (HKLM-x32\...\{8748AA92-4C0A-41F5-8EC3-DA9598A3B5C9}) (Version: 4.0.2.4064 - Lascar Electronics Ltd.) Hidden
PanelPilot ACE Design Studio (HKLM-x32\...\InstallShield_{8748AA92-4C0A-41F5-8EC3-DA9598A3B5C9}) (Version: 4.0.2.4064 - Lascar Electronics Ltd.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
QODBC Driver (HKLM-x32\...\QODBC Driver) (Version: - )
QuickBooks (HKLM-x32\...\{8FAA979A-67A1-4B58-8AA2-A93A13C7FBE2}) (Version: 31.0.4005.3103 - Intuit Inc.) Hidden
QuickBooks Advanced Reporting (HKLM\...\{07D0B043-1082-4667-9FBA-E2EFB35A42E5}) (Version: 2.9.1.0 - Intuit Inc.)
QuickBooks Advanced Reporting (HKLM\...\{496496A0-6C22-4C5E-A428-DC13B60171CD}) (Version: 2.9.1.0 - Intuit Inc.) Hidden
QuickBooks Desktop File Doctor (HKLM-x32\...\{07441683-C1C3-43BC-B3E7-F213B3A69B76}) (Version: 4.6.0.0 - Intuit Inc.)
QuickBooks Enterprise Solutions: Mfg and Whsle Edition 21.0 (HKLM-x32\...\{C334B95F-60B0-4BF6-B421-370BDDD6D40D}) (Version: 31.0.4005.3103 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks Tool Hub (HKLM-x32\...\{5A43047E-1ACD-4F89-99E6-69988300E6AB}) (Version: 1.4.0.0 - Intuit Inc.)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.31.20 - Quicken)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6124 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
ScreenConnect Client (15747732edbf6a63) (HKLM-x32\...\{24DA9058-985A-4101-AB2F-8F45E665233A}) (Version: 21.6.3172.7787 - ScreenConnect Software)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
SOLIDWORKS 2017 SP04.1 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.141.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP04.1 (HKLM-x32\...\SolidWorks Installation Manager 20170-40401-1100-100) (Version: 25.4.1.1 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP04.1 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP04.1 (HKLM\...\{CB113D0F-B49B-47DC-973D-491AD5E5012E}) (Version: 17.4.1001 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2017 SP04.1 (HKLM\...\{41487B2B-99A9-4E1B-90A3-433F6C228C72}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2017 SP04.1 (HKLM\...\{D802560E-F2DA-4CCD-85EB-C29437F112F2}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SQL Server 2016 Batch Parser (HKLM\...\{D7A905DB-9A1E-4670-9488-F979F8A77A58}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{16F3645F-1343-4462-92DC-9AE66A2E68A3}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{57846DA8-8B5D-4466-B850-E8CDFC94046C}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{74940EE5-66DB-42E3-AC30-295D13B461A7}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{8A3AE1F0-0752-435D-A01C-033BDD629C8B}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{0C457EC3-E998-4041-B856-908D5A2C1708}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{51574D2C-DE28-4441-BDC2-967F0FFC0918}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{686A81C0-C8E4-46F6-952F-B19A28E8C430}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{81CABA93-27C0-4BD9-9B5E-227C76B59F46}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{2FFF0757-4360-42F5-8814-16BB5CF0145F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{34A20DEE-6AD4-44A6-95FF-DFF95CD22B8C}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{D3FC7A31-F127-4E2A-96F6-B24FA7D3FFAF}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{F8001E21-CFCC-47AD-A3B1-6B3EB6D35E48}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{B6E1A5EB-1C58-4A04-B76B-E5FE1BE22CA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{FA548BCB-5732-40F8-85B0-61515D18D9C1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 SQL Diagnostics (HKLM\...\{766BE25E-D2B5-4E76-BCB0-29B801BADB3F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{8CF2CA8E-3984-46B9-B493-F844F3774FA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{E6FFAAAF-D8B5-4D46-8514-26E96D9F3D8D}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{0D9BD39A-A870-4FDF-B590-1E9787CF16D9}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
ToolSetup (HKLM-x32\...\{2440F52B-9D1B-43DC-A745-D846CF432A6E}) (Version: 1.0.0 - Default Company Name)
TurboMeeting (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\TurboMeeting) (Version: 3.0.580 - RHUB Communications, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Veriato 360 (HKLM-x32\...\{c0dee753-0166-4f0e-b5a4-409ca58100c3}) (Version: 9.0.3.52292 - Veriato Inc.)
Veriato 360 Database Setup (HKLM\...\{F478C59B-F3F6-4176-B497-E10579F23266}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Deployment Manager (HKLM\...\{B81A29FB-B794-4EE9-B1CB-9D8AF9C4CD44}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Deployment Service (HKLM\...\{CC5BF9F5-2DFF-4A77-A6F0-742DCCFF32DB}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Notification Services (HKLM\...\{3B237B2B-8A2C-4556-B11E-D1D6AB246E93}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Prerequisites (HKLM\...\{1502125B-C41E-4741-BFA3-A4EC68C0D60B}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Scheduler Service (HKLM\...\{43DDE7A0-C8D6-4D08-9B36-36A411382707}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Service (HKLM\...\{1ED14082-1AFE-423F-973C-AD3E3D50DC26}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 SignalR Service (HKLM\...\{ADFC97EF-2CA7-4018-A62B-79A2A5A88CF3}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Web UI Data Service (HKLM\...\{FE6757A9-89A0-47A1-B7E0-7694E8AC9A40}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato Exchange Recorder (HKLM\...\{51C29BD7-C57E-44B7-AE81-619843ADF436}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato Management Console (HKLM\...\{2289D522-3840-4D54-BA23-53C7A6FF634A}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD Backup (HKLM-x32\...\{786f930d-c00a-441a-9e9b-b74103f8acbb}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{BD6A391C-1CBE-4193-BCE6-89F550252C3B}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc) Hidden
WD Desktop App 2.1.0.246 (HKLM-x32\...\{efa29edd-d423-4291-b1d0-71428a78579f}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.246 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.5.152 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{C24328D2-3D94-4281-B174-3AD6F92012F7}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{d4b2783c-7832-4902-bca3-bbfccdda2fad}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{9CC1378D-FDA5-49EF-B2AE-7DF54DECCC26}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{af0fc1d4-5f37-40f2-a7c4-390d6ce1d270}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A904180103}) (Version: 9.24.49 - Webroot)
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A943290225}) (Version: 9.18.44 - Webroot)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Driver Package - Provo Craft & Novelty, Inc. (usbser) Ports (08/01/2016 1.3.0.0) (HKLM\...\17736CDD02DF8CFDD0CC1097668A82C013C969F3) (Version: 08/01/2016 1.3.0.0 - Provo Craft & Novelty, Inc.)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zoom (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
ZoomInfo Contact Contributor (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ZoomInfo Contact Contributor) (Version: 59 - )
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-07-26] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-26] (Adobe Systems Incorporated)
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.4.8.0_x64__ynb6jyjzte8ga [2020-11-12] (Adobe Inc.)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-06-28] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.1.0_x86__ffd303wmbhcjt [2021-05-07] (BreeZip) [MS Ad]
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_4.2.42.0_x64__24pqs290vpjk0 [2021-03-04] (Actipro Software LLC)
Crafty File Viewer -> C:\Program Files\WindowsApps\BallardAppCraftery.CraftyFileViewer_1.1.0.24_neutral__epyrqhfctk40t [2018-02-05] (Ballard App Craftery)
Dell Document Hub -> C:\Program Files\WindowsApps\DellPrinter.DellDocumentHub_1.7.0.6_x64__nmdn7k89bxsn6 [2021-04-25] (DELL GLOBAL B.V. (SINGAPORE BRANCH))
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2018-01-29] (Duolingo Inc.)
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_4.0.21.0_neutral__a5h4egax66k6y [2020-07-09] (Ounce Digital)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-26] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Microsoft Wireless Display Adapter -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe [2020-11-28] (Microsoft Corporation) [Startup Task]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-01-29] (Microsoft Research)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2019-11-19] (Pandora Media Inc) [Startup Task]
Power BI -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIForWindows_3221.30502.33830.0_x64__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation)
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.93.641.0_x64__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-06-20] (Adobe Systems Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FADEE8DE10F5} -> [Creative Cloud Files] => C:\Users\renee\Creative Cloud Files [2018-01-17 16:20]
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19029.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2020 - English\en-US\dwgviewrficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2020 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\renee\AppData\Local\GoToMeeting\15939\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19029.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCATv2Addin.dll (Microsoft Corporation -> Microsoft)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\renee\Dropbox [2018-12-28 13:53]
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2019-02-08] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-02-08] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2017-03-09] (Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-05-13] (Webroot Inc. -> Webroot)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxDTCM.dll [2020-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-05-13] (Webroot Inc. -> Webroot)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\renee\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
ShortcutWithArgument: C:\Users\renee\Desktop\Renee (
[email protected]) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\renee\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\
[email protected] - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2016-10-24 18:34 - 2016-10-24 18:34 - 000010240 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\ChatServer.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2016-10-24 18:33 - 2016-10-24 18:33 - 000315392 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\log4net.dll
2019-10-23 12:21 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ScreenConnect Client (15747732edbf6a63) => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.msn.com/?pc=U220&ocid=U220DHP&osmkt=en-us
SearchScopes: HKLM -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL =
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL =
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {5D17039F-E3FB-4274-B966-92E8E7A58336} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: No Name -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF}' -> No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF}' -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler-x32: intu-help-qb14 - {C854407F-AA78-4036-A9C1-54EBA9BD3608} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\HelpAsyncPluggableProtocol.dll [2021-04-10] (Intuit, Inc. -> Intuit, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\sharepoint.com -> hxxps://imfincnewton-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Common Files\Bosch Security Systems;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime
HKU\S-1-5-21-1037252052-873270737-574051151-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1011\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Control Panel\Desktop\\Wallpaper -> C:\Users\renee\AppData\Local\DisplayFusion\Wallpaper_2.png
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.16.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2017 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RtHDVBg_MAXX6"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\StartupFolder: => "Cricut Taskbar Application.lnk"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "AutoStartVMA"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "Cricut Design Space3"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "DisplayFusion"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F8C28A28-8542-4BBD-9BED-9986A588B36E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{B6D51E18-FCA8-4B59-B2A0-5E2B303A8E87}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [UDP Query User{BCBC65C9-20C3-4A12-9C60-125263501725}C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [TCP Query User{EF6F7731-A2DA-4796-B14C-524D1CF0E5A0}C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [{B40A8FB9-B2EB-4F75-BBF3-DABEEB16CB5C}] => (Allow) LPort=1434
FirewallRules: [{3A7AA45A-41CA-4B5E-9DCC-1BA8B8BD6703}] => (Allow) LPort=63417
FirewallRules: [{244A29BD-A410-4B1C-930F-FA7A307FD611}] => (Allow) LPort=54709
FirewallRules: [{E4940793-DBF7-4749-8F51-DDD932CFA975}] => (Allow) LPort=443
FirewallRules: [TCP Query User{6472ABB2-4A88-4803-BFE0-F6016D59A19A}C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe] => (Allow) C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe (FLEXquarters.com Limited -> FLEXquarters.com Limited)
FirewallRules: [UDP Query User{AF8C85DC-65FE-4679-8C71-837232534B30}C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe] => (Allow) C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe (FLEXquarters.com Limited -> FLEXquarters.com Limited)
FirewallRules: [TCP Query User{F2A0F109-93DA-44AC-B50D-79600CA6D5F0}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{D158559C-6D28-46ED-A8EC-D109023F8F09}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{971BF71D-CC83-4C7C-B1DB-974FB52F70DE}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{CA5BBE49-B8C7-496D-A88F-5FF9E2522913}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{C6D74910-5DA2-4228-ABA2-973C86BE06A6}C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [UDP Query User{3DA159D1-3AA5-48A4-8B91-8609C78D8AB1}C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [TCP Query User{D822C11A-DB2A-457B-AA9A-ED81FD908D04}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{3564C102-D141-4608-8452-2694E6A505A1}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{99B14C9D-6784-408C-B157-77847014B492}C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [UDP Query User{1256595B-0462-46F9-B263-1B51368271B8}C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [{D99A99B5-644F-4A7A-9ABC-99AA6DA8CC76}] => (Allow) C:\Program Files (x86)\SAAZOD\BaseComponents\PatchManagement\zPMAMgmt.exe (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services, LLC.)
FirewallRules: [{F7AAEEBA-D402-4F85-AB0C-505C352640F9}] => (Allow) C:\Program Files (x86)\SAAZOD\BaseComponents\PatchManagement\zPMAMgmt.exe (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services, LLC.)
FirewallRules: [{67C3FF9C-5916-4652-AA94-8A9C53358E64}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{943B2B83-1639-4DF9-B98C-C0B41D712105}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{23EAFF84-C82C-4DA6-9C30-2AF37BD1E573}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{552E6A47-FC35-43EE-AFB2-CA5A0393AC56}C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [UDP Query User{1D2A654A-FB2D-46F6-934A-3F94FF576952}C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [TCP Query User{3F244DDE-8C83-491F-B9C6-FFC7B771C652}C:\program files (x86)\bosch security systems\divar\bin\configtool.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\configtool.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [UDP Query User{4EF7C3F9-470C-4BDC-B71B-FB189BBCFBD3}C:\program files (x86)\bosch security systems\divar\bin\configtool.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\configtool.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [{CEC61171-AEB8-4C1A-8296-EA59D462D852}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{6CFA217D-53BB-4AEF-85CB-521BF0ED7E4E}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4A533558-E184-4E4E-A0D9-F0EDB9069FF7}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
FirewallRules: [{510AF887-AC1C-4729-BBDC-40DEC9EBA96B}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
FirewallRules: [{42855B6F-F9CD-4F04-9763-907F64A1E696}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25CF92AD-52DB-4CDC-A184-68B290F4DD95}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A45B2F01-0F3D-41CD-BF7D-865AB89654D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4E67ACC-1E67-4E6C-B68A-D80B44B5F3A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8E6EAD7-1A93-497A-8433-5F3278B1B576}] => (Allow) C:\Users\renee\AppData\Local\Temp\unpacksos\1\SRManagerSOS.exe => No File
FirewallRules: [{EA9AFEDE-31EB-4B08-8EEC-3E3E71D4AA02}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3ADCA4AA-1BFC-42EA-AAB8-16CF5FA56CA3}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{CA1B8C86-1CA7-4927-AEA3-53395BA39CCA}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{4835F6C3-06DC-44B3-8308-3736264BA51E}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{C2936B2C-0B1A-40E6-B1AB-026768E34F30}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{99C986B1-95AC-4195-84A2-F3CA78410746}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{C4E7D429-1DDF-4E40-B571-80F6D5CA1FF9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3064478B-384A-4C4B-8DB3-4FA9835C7309}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{F8B4275A-EE7D-4DC2-8E71-3AB425C03497}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{6303D724-9C6F-4418-947E-1B921F894373}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{97DA0EE0-39B1-4355-9494-C23EB8C2724A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{585436F8-43E6-4C63-8E53-982F4E933838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CF8DD5-7F99-4951-9A94-A472E5A7DB2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7DB02827-9B5C-4477-B436-691EC76EBC0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B504C4C3-4762-4244-BE96-81E7EF6A0870}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbdbmgrn.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{508B04E1-AFFD-46BE-B3CB-A1BCE4578F5A}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbdbmgrn.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{0DBD65AB-9027-4148-87C2-2DC28BBA786C}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{C2A127D5-7DC7-4E65-9EDE-67F7A98DC917}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{DE5B67D4-3F54-4146-94DA-9074E51D1022}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F821CA81-C996-4259-B082-32967F3524EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{437C6081-5057-4762-A83D-49D36DAD1A56}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7262972-EE1F-4C80-9D81-38749CA4BB89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C3201D2-BAE7-4D24-A162-6CFC57AA1657}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5578799C-33FF-4A24-BEC7-521E7633B722}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{153728FD-EA08-45E0-84BB-FF0EB7EA4127}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98565D1C-52C9-4283-9B32-F6B23FAFEC28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5BD41E14-0188-4570-AB77-DE22BFF032F9}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{2FC9765B-CE22-4E59-AD89-4D04AF729B85}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{818A5E90-9FF4-404C-AA68-8AA57AED7BF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{78FAFCB5-420B-4FE9-A5FA-2B66E8286C11}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFE5939F-B580-4173-BD7F-23B366A764FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A586C97-B0E5-46E7-8774-9F779B4E7FB7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD3B3F10-45AF-4E58-A30A-D259C9E20A4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{49980D6E-A567-4D17-8BD1-6CF98950C939}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{839E1E54-A014-4129-A523-4D15749F5C91}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/13/2021 12:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x31b8
Faulting application start time: 0x01d74821af96450c
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: de62b4f8-9794-4666-84bd-08f1d5ae23b4
Faulting package full name:
Faulting package-relative application ID:
Error: (05/13/2021 12:59:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
Error: (05/13/2021 12:59:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x2de4
Faulting application start time: 0x01d74821a56fdb61
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: f778a146-aed4-4fd5-86d8-21cc98a29dc0
Faulting package full name:
Faulting package-relative application ID:
Error: (05/13/2021 12:59:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
Error: (05/13/2021 12:58:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x2e1c
Faulting application start time: 0x01d74821476b4d3b
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: caae7914-0301-4a27-aa31-db1f78e2be89
Faulting package full name:
Faulting package-relative application ID:
Error: (05/13/2021 12:58:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
Error: (05/13/2021 12:57:22 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from datastore.
Error: (05/13/2021 12:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.9.1053, time stamp: 0x5718affa
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04f610a5
Faulting process id: 0x2c70
Faulting application start time: 0x01d7482134ff1802
Faulting application path: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: 34f87b1c-6d0e-4b6a-8529-ec3017f57eb5
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (05/13/2021 12:56:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (05/13/2021 12:55:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/13/2021 12:55:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
Error: (05/13/2021 12:52:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BootstrapService service terminated with the following error:
Incorrect function.
Error: (05/13/2021 12:18:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (05/13/2021 12:17:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/13/2021 12:17:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
Error: (05/13/2021 12:13:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BootstrapService service terminated with the following error:
Incorrect function.
CodeIntegrity:
===============
Date: 2021-05-13 14:09:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Webroot\WRSA.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.14.2 12/24/2020
Motherboard: Dell Inc. 0HKCW0
Processor: Intel® Core i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 67%
Total physical RAM: 8095.85 MB
Available physical RAM: 2639.35 MB
Total Virtual: 8607.85 MB
Available Virtual: 2000.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.54 GB) (Free:106.2 GB) (Protected) NTFS
Drive e: () (Fixed) (Total: ? GB) (Free: ? GB) (Protected) (Locked)
\\?\Volume{89d5afb3-3f51-4f55-a775-86209c659f61}\ () (Fixed) (Total:0.85 GB) (Free:0.41 GB) NTFS
\\?\Volume{e6814e32-bcd3-408c-be49-1c4f598ac3c6}\ (Image) (Fixed) (Total:10.76 GB) (Free:0.52 GB) NTFS
\\?\Volume{f1b449e4-6b40-46b3-9074-4b34afeecfa4}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7A047024)
Partition: GPT.
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== End of Addition.txt =======================