Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Spyware/Monitoring Software

Started by usarenee , May 13 2021 01:51 PM
virus spyware malware removal

  • Please log in to reply

#1
usarenee
Posted 13 May 2021 - 01:51 PM

usarenee

    New Member

  • Member
  • Pip
  • 2 posts

For the last few years I have been having strange things happen on my computer.  I believe someone might have put monitoring software on my computer back in the beginning of 2017.  When I come in sometimes my computer will be signed out or shut down completely.  My desktop will change at times.  I can no longer access my event files on some things.  I am not sure if Adobe software is able to backup but there was a time when I didn't have access to my files.  I contacted Adobe and the sign-in didn't belong to me but someone else had paid for a pro subscription for my email.  They released it but wouldn't tell me who had paid for it.  I am hoping someone can verify if my files are somehow being backed up. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by Renee (administrator) on RENEE-DELL (Dell Inc. OptiPlex 3040) (13-05-2021 14:02:46)
Running from C:\Users\renee\Desktop
Loaded Profiles: VeriatoService & Renee & SQLTELEMETRY$VERIATO360
Platform: Windows 10 Pro Version 2004 19041.928 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(A. & M. Neuber Software -> Neuber Software - www.neuber.com) C:\Program Files (x86)\Security Task Manager\SpyProtector.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(ConnectWise, LLC -> ) C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.ClientService.exe
(ConnectWise, LLC -> ScreenConnect Software) C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.WindowsClient.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\agentcore\platform-agent-core.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\agentmanager\platform-agent-manager.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\plugin\eventlog\platform-eventlog-plugin.exe
(CONTINUUM MANAGED SERVICES, LLC -> ) C:\Program Files (x86)\ITSPlatform\plugin\sysevents\platform-sysevents-plugin.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Service LLC.) C:\Program Files (x86)\SAAZOD\SAAZScheduler.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZDPMACTL.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZServerPlus.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\SAAZWatchDog.exe
(CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\zRealTime\SAAZappr.exe
(Continuum Managed Solutions Pvt. Ltd. -> Continuum Managed Services LLC.) C:\Program Files (x86)\SAAZOD\zRealTime\rtHlpDk.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Dell Inc. -> Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(FLEXquarters.com Limited -> FLEXquarters.com Limited) C:\Program Files (x86)\QODBC Driver for QuickBooks\QRemote\Server\QRemoteServer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\IntelCpHeciSvc.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.Application.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe\Desktop\WDADesktopService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wksprt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Deployment Manager\Veriato360.Deployment.Manager.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Deployment\Veriato360.Deployment.Dispatcher.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\ExchangeRecorder\ExchangeRecorder.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Notification Services\Veriato360.Notification.Services.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Scheduler\Veriato360.Scheduling.SchedulerService.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\Service\Veriato360.Windows.Services.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\SignalR\SignalRService.exe
(Veriato, Inc.) [File not signed] C:\Program Files\Veriato\WebUIDataService\WebUIDataServiceHost.exe
(Webroot Inc. -> Webroot) C:\Program Files (x86)\Webroot\WRSA.exe <2>
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRCoreService.x64.exe
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRSkyClient.x64.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
Failed to access process -> explorer.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-29] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [456904 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230296 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [4918152 2020-12-09] (Webroot Inc. -> Webroot)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172264 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-10-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2019-06-27] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Spy Protector] => C:\Program Files (x86)\Security Task Manager\SpyProtector.exe [145280 2018-10-19] (A. & M. Neuber Software -> Neuber Software - www.neuber.com)
HKLM-x32\...\Run: [QRemoteServer] => C:\Program Files (x86)\QODBC Driver for QuickBooks\QRemote\Server\QRemoteServer.exe [1412120 2021-01-18] (FLEXquarters.com Limited -> FLEXquarters.com Limited)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [OffCAT] => C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corporation -> Microsoft Corp.)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [com.squirrel.Teams.Teams] => C:\Users\renee\AppData\Local\Microsoft\Teams\Update.exe [1780096 2019-04-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [12684224 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5536424 2021-03-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Run: [Zoom] => [X]
HKLM\...\Windows x64\Print Processors\DELG1PC: C:\Windows\System32\spool\prtprocs\x64\DELG1pc.dll [33792 2008-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\dellopd: C:\Windows\System32\spool\prtprocs\x64\dellopd.ppr.dll [202512 2019-03-21] (Dell Inc. -> DELL)
HKLM\...\Windows x64\Print Processors\LogMeIn Print Processor: C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll [60416 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\C287SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXWJ_L.DLL [25568 2017-11-14] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\DELG1 Langmon: C:\WINDOWS\system32\DELG1L6.DLL [27648 2008-08-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\LogMeIn Printer Port Monitor: C:\WINDOWS\system32\LMIport.dll [35328 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5de81d42-ce2b-4a7e-b1b7-1312fa11c82b}] -> C:\WINDOWS\system32\GoToAssistUnlock64.dll [2020-12-28] (LogMeIn, Inc. -> )
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\WINDOWS\system32\LMIinit.dll [2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2021-01-12]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2021-01-12]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk [2021-01-12]
ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit, Inc. -> Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2021-01-12]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2019-10-30]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk [2019-10-29]
ShortcutTarget: SOLIDWORKS Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cricut Taskbar Application.lnk [2019-12-13]
ShortcutTarget: Cricut Taskbar Application.lnk -> C:\Users\renee\AppData\Roaming\Cricut Design Space\Web\taskbar-application-win32\Release\CricutTaskbarApplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {15B19E85-1801-4D6B-9583-53682627A21A} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\[email protected]\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {1D926214-ACDB-4452-A6A4-F52F77752416} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {39956F82-1DF1-4A28-BD0B-ED98904C05E5} - System32\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158 => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {416749ED-BFA1-45FB-8529-59093616CDA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {44C87797-69B0-4F3D-A92D-8506EFC3FBE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-29] (Google Inc -> Google Inc.)
Task: {4C3212A7-F25F-4020-AE1E-99DCD3EAC401} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {51871BD7-336A-4E74-901C-82B36C58B3C9} - System32\Tasks\WD Device Agent Task renee => C:\Users\renee\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [720432 2019-09-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {6224818E-ED48-4DE8-BFA2-01DB78D11CB9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {62735B0B-529C-486D-857C-A5916929A368} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {657E4C83-D8E1-47CA-8654-60AA343E2B5A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489400 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66B7BB76-D486-410E-9F6D-BF6CAC039522} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382792 2021-04-10] (Intuit, Inc. -> Intuit Inc.)
"C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" could not be unlocked. <==== ATTENTION
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot
Task: {74D6F9D5-864B-4F72-9A4D-9F9C110EED1D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145792 2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {788EA99C-EE1C-4587-906E-CF5A18A91E63} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
Task: {7C37926F-1066-4449-B06F-37771F527516} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7DF4434F-88F1-4AEC-A8A0-CC1A3B9595DD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8483C8F9-463E-4EB9-ADB6-BABAE6494532} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A84A87D-9AC1-446D-BF52-554B88ED1CC9} - System32\Tasks\WD Discovery Service Task renee => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-10-26] (Western Digital Technologies, Inc. -> )
Task: {8B4E0E71-581D-4B6C-9B22-1A97AE46DC75} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\[email protected]\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {8DBE5E22-ACA7-4B71-8FBE-2A23FFE515F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E1DE0A6-6A49-4826-83AD-F0F318D9E038} - System32\Tasks\PlasmaCAM-VM-Renee => C:\Program Files (x86)\PlasmaCAM\Video Manual\Vhelp.exe [659456 2019-03-06] () [File not signed]
Task: {A2968C3A-D933-4BD1-BB70-CB3F60B76E51} - System32\Tasks\WD Device Agent Task jenny => C:\Users\Jenny\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe
Task: {A37EAF6B-71DA-4768-99D3-1D1DED0A3601} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436696 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {ABFDB7DF-2AD8-4CF0-91C6-2917E81BBCD4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {AFD6BB01-8980-4BB7-AE89-81C85F673D87} - System32\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158 => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF705969-9A18-4F4A-B19A-CBBA315E6DCC} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\[email protected]\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {C68E60DF-54F3-4C4F-9342-B26B74E13275} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-29] (Google Inc -> Google Inc.)
Task: {C8822FC4-3B77-4A18-A7AD-1E04B3B76D07} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3499888 2019-03-11] (Easeware Technology Limited -> Easeware)
Task: {D1824BC0-DEB4-4DA5-AA93-CDE2BF71F76C} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DB41133B-BDF7-40E2-A413-AC5128EB8671} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2016-09-13] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DC8E9933-A33E-4541-9702-54ED7630B34F} - System32\Tasks\EPSON ES-50 Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2019-01-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {EEA3C3B3-02DA-4DAF-A5AE-0DEAB32DE94D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145792 2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9715B59-7832-461D-A1CE-CC7E1C0066D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON ES-50 Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe./EXE_S:EPSON ES-50,ES017E.DAT /F:UpdateIMFINC\reneeĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job => C:\Users\renee\AppData\Local\GoToMeeting\19598\g2mupload.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.16.10
Tcpip\..\Interfaces\{e0559567-d1ac-45fc-ad7a-7f58dd15c45c}: [DhcpNameServer] 192.168.16.10
 
Edge: 
=======
DownloadDir: C:\Users\renee\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\renee\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-13]
Edge Extension: (Web Threat Shield) - C:\Users\renee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkaflbamgddpjacdmjlkhbnpnlemaea [2021-04-26]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2017-08-11] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2017-08-11] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2018-06-23] (Glance Networks Inc -> Glance Networks, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-13]
CHR Extension: (Slides) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Docs) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Google Drive) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Sheets) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Google Docs Offline) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-26]
CHR Extension: (Gmail) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-18]
CHR Extension: (Slides) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-13]
CHR Extension: (Docs) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-13]
CHR Extension: (Google Drive) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-28]
CHR Extension: (YouTube) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-13]
CHR Extension: (Adobe Acrobat) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Sheets) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\renee\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Profile: C:\Users\renee\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-30]
CHR HKLM\...\Chrome\Extension: [gemcaenpcldkhfkohjjkfgfopgghpkng]
CHR HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gemcaenpcldkhfkohjjkfgfopgghpkng]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BootstrapService; C:\WINDOWS\InstallerService.exe [1449472 2020-11-25] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc. -> Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [10570704 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-05-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2017-08-11] (Intel® Software Development Products -> Intel Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 ITSPlatform; C:\Program Files (x86)\ITSPlatform\agentcore\platform-agent-core.exe [13882256 2021-04-26] (CONTINUUM MANAGED SERVICES, LLC -> )
R2 ITSPlatformManager; C:\Program Files (x86)\ITSPlatform\agentmanager\platform-agent-manager.exe [8839048 2020-09-21] (CONTINUUM MANAGED SERVICES, LLC -> )
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [420048 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [583888 2021-03-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlservr.exe [392384 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2020-12-06] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1537536 2020-12-06] (Intuit Inc.) [File not signed]
R2 QBWCMonitor; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe [40784 2021-04-09] (Intuit, Inc. -> )
S4 QuickBooksDB31; C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe [127816 2021-04-10] (Intuit, Inc. -> SAP SE or an SAP affiliate company)
R2 SAAZappr; C:\Program Files (x86)\SAAZOD\zRealTime\SAAZappr.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
S4 SAAZapsc; C:\Program Files (x86)\SAAZOD\zRealTime\SAAZapsc.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 SAAZDPMACTL; C:\Program Files (x86)\SAAZOD\SAAZDPMACTL.exe [95112 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
S4 SAAZRemoteSupport; C:\Program Files (x86)\SAAZOD\SAAZRemoteSupport.exe [86960 2017-02-10] (Continuum Managed Solutions Pvt. Ltd. -> Continuum Managed Services LLC.)
R2 SAAZScheduler; C:\Program Files (x86)\SAAZOD\SAAZScheduler.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Service LLC.)
R2 SAAZServerPlus; C:\Program Files (x86)\SAAZOD\SAAZServerPlus.exe [91016 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 SAAZWatchDog; C:\Program Files (x86)\SAAZOD\SAAZWatchDog.exe [95112 2019-09-21] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC.)
R2 ScreenConnect Client (15747732edbf6a63); C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)\ScreenConnect.ClientService.exe [90736 2021-04-27] (ConnectWise, LLC -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-10-30] (SolidWorks) [File not signed]
S2 SQLAgent$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\SQLAGENT.EXE [565952 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$VERIATO360; C:\Program Files\Microsoft SQL Server\MSSQL13.VERIATO360\MSSQL\Binn\sqlceip.exe [198848 2016-04-30] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-10-24] (Dell Inc. -> Dell Inc.)
R2 SWVisualize2017.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [26008 2017-08-11] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 Veriato360Deployment; C:\Program Files\Veriato\Deployment\Veriato360.Deployment.Dispatcher.exe [17408 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360DeploymentManager; C:\Program Files\Veriato\Deployment Manager\Veriato360.Deployment.Manager.exe [19968 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360NotificationServices; C:\Program Files\Veriato\Notification Services\Veriato360.Notification.Services.exe [15872 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360SchedulerService; C:\Program Files\Veriato\Scheduler\Veriato360.Scheduling.SchedulerService.exe [23552 2018-04-20] (Veriato, Inc.) [File not signed]
R2 Veriato360Service; C:\Program Files\Veriato\Service\Veriato360.Windows.Services.exe [11264 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoExchangeRecorder; C:\Program Files\Veriato\ExchangeRecorder\ExchangeRecorder.exe [148480 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoSignalR; C:\Program Files\Veriato\SignalR\SignalRService.exe [7168 2018-04-20] (Veriato, Inc.) [File not signed]
R2 VeriatoWebUIDataService; C:\Program Files\Veriato\WebUIDataService\WebUIDataServiceHost.exe [8192 2018-04-20] (Veriato, Inc.) [File not signed]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-04-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [367232 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [2037856 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R3 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3002624 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [4918152 2020-12-09] (Webroot Inc. -> Webroot)
S4 zEvtSVC; C:\Program Files (x86)\SAAZOD\zSCC\zEvtSVC.exe [1655176 2019-10-15] (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services LLC)
S4 QuickBooksDB28; C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 18.0\QBDBMgrN.exe -hvQuickBooksDB28 [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32952 2016-10-13] (Techporch Incorporated -> Dell Computer Corporation)
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-04] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2016-12-21] (Apple Inc.) [File not signed]
S4 RsFx0401; C:\WINDOWS\System32\DRIVERS\RsFx0401.sys [260816 2016-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S0 WRBoot; C:\WINDOWS\System32\drivers\WRBoot.sys [15792 2020-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> )
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [268720 2020-06-15] (Webroot Inc. -> Webroot, Inc.)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [149224 2020-02-18] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [58304 2020-06-03] (Webroot, Inc -> Webroot)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-13 13:09 - 2021-05-13 13:09 - 000000000 ____D C:\Users\renee\Desktop\FRST-OlderVersion
2021-05-13 12:11 - 2021-05-13 12:51 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2021-05-13 00:22 - 2021-05-13 00:22 - 000000000 ____D C:\WINDOWS\system32\es
2021-05-12 16:10 - 2021-05-13 13:21 - 000078647 _____ C:\Users\renee\Desktop\Addition.txt
2021-05-12 16:02 - 2021-05-13 14:04 - 000047554 _____ C:\Users\renee\Desktop\FRST.txt
2021-05-12 16:00 - 2021-05-12 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-05-12 15:58 - 2021-05-13 14:03 - 000000000 ____D C:\FRST
2021-05-12 15:58 - 2021-05-13 13:09 - 002299392 _____ (Farbar) C:\Users\renee\Desktop\FRST64.exe
2021-05-12 15:36 - 2021-05-12 15:36 - 000001631 _____ C:\Users\renee\Documents\wordConfigSummary.txt
2021-05-12 15:29 - 2021-05-12 15:29 - 000187492 _____ C:\Users\renee\Documents\wordGpResult.htm
2021-05-12 15:29 - 2021-05-12 15:29 - 000001631 _____ C:\Users\renee\Documents\ConfigSummaryword.txt
2021-05-12 14:30 - 2021-05-13 12:22 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-1158
2021-05-12 14:29 - 2021-05-12 14:29 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-12 14:29 - 2021-05-12 14:29 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-05-12 14:28 - 2021-05-12 14:28 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-12 14:28 - 2021-05-12 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-12 14:27 - 2021-05-12 14:28 - 031774960 _____ C:\Users\renee\Documents\HKCUOffice.reg
2021-05-12 14:27 - 2021-05-12 14:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-05-12 14:15 - 2021-05-12 14:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-12 14:15 - 2021-05-12 14:15 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-05-12 13:33 - 2021-05-12 13:33 - 000008293 _____ C:\Users\renee\Documents\Assoc.txt
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-05-11 16:25 - 2021-05-11 16:25 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-05-11 10:12 - 2021-05-11 10:12 - 014486872 _____ (Glance Networks, Inc.) C:\Users\renee\Downloads\GlanceGuestSetup_4.17.1 (1).exe
2021-05-10 15:08 - 2021-05-10 15:10 - 612188160 _____ C:\Users\renee\Desktop\Industrial Metal Fabrication, Inc (Backup May 10,2021  03 08 PM).QBB
2021-05-10 12:02 - 2021-05-10 12:02 - 000194864 _____ C:\Users\renee\Documents\SBDC ResponseSummary.pdf
2021-05-10 12:01 - 2021-05-10 12:01 - 000189918 _____ C:\Users\renee\Downloads\ResponseSummary.pdf
2021-05-10 11:06 - 2021-05-10 11:06 - 000000520 _____ C:\Users\renee\Desktop\Microsoft Support and Recovery Assistant.appref-ms
2021-05-10 11:06 - 2021-05-10 11:06 - 000000000 ____D C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2021-05-10 11:06 - 2021-05-10 11:06 - 000000000 ____D C:\Users\renee\AppData\Local\SaRALogs
2021-05-10 11:05 - 2021-05-13 13:00 - 000000000 ____D C:\Users\renee\AppData\Local\Deployment
2021-05-06 13:35 - 2021-05-06 13:35 - 000898242 _____ C:\WINDOWS\system32\perfh00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000346834 _____ C:\WINDOWS\system32\perfi00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000199438 _____ C:\WINDOWS\system32\perfc00A.dat
2021-05-06 13:35 - 2021-05-06 13:35 - 000043954 _____ C:\WINDOWS\system32\perfd00A.dat
2021-05-04 10:27 - 2021-05-04 10:27 - 000000000 ____D C:\Users\renee\Documents\User cwnoc
2021-04-29 08:51 - 2021-04-29 08:51 - 000064258 _____ C:\Users\renee\Desktop\NoteBalanceReport_PDF20210429.pdf
2021-04-29 06:59 - 2021-04-29 06:59 - 000000000 ____D C:\Program Files (x86)\ScreenConnect Client (15747732edbf6a63)
2021-04-28 09:53 - 2021-05-07 14:42 - 000000000 ____D C:\Users\renee\Documents\Budgeting Class
2021-04-26 09:58 - 2015-04-22 10:06 - 000060588 _____ C:\Users\renee\Downloads\results.xsl
2021-04-25 05:05 - 2021-04-25 05:05 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\D3DSCache
2021-04-25 04:46 - 2021-04-25 04:46 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Comms
2021-04-25 04:45 - 2021-04-25 04:45 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\ElevatedDiagnostics
2021-04-25 04:43 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\LocalLow\Adobe
2021-04-25 04:41 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Adobe
2021-04-25 04:32 - 2021-04-25 04:33 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-3170
2021-04-25 04:32 - 2021-04-25 04:33 - 000000000 ___RD C:\Users\NOC_HelpDesk\OneDrive
2021-04-25 04:30 - 2021-04-25 04:31 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\PlaceholderTileLogoFolder
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\QODBC Driver for QuickBooks
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Epson
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Publishers
2021-04-25 04:30 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\LogMeIn
2021-04-25 04:29 - 2021-04-25 04:48 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Packages
2021-04-25 04:29 - 2021-04-25 04:43 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Adobe
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\VirtualStore
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Intuit
2021-04-25 04:29 - 2021-04-25 04:30 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Intel
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 __SHD C:\Users\NOC_HelpDesk\IntelGraphicsProfiles
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ___RD C:\Users\NOC_HelpDesk\3D Objects
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\LocalLow\Intel
2021-04-25 04:29 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Google
2021-04-25 04:28 - 2021-04-25 04:33 - 000002432 _____ C:\Users\NOC_HelpDesk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-25 04:28 - 2021-04-25 04:32 - 000000000 ____D C:\Users\NOC_HelpDesk
2021-04-25 04:28 - 2021-04-25 04:29 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\ConnectedDevicesPlatform
2021-04-25 04:28 - 2021-04-25 04:28 - 000000020 ___SH C:\Users\NOC_HelpDesk\ntuser.ini
2021-04-25 04:28 - 2021-04-25 04:28 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Roaming\Windows Small Business Server
2021-04-25 04:28 - 2018-01-25 23:35 - 000000000 ____D C:\Users\NOC_HelpDesk\AppData\Local\Microsoft Help
2021-04-22 13:30 - 2021-04-22 13:30 - 000000000 ____D C:\Users\renee\Desktop\bartender template
2021-04-22 13:29 - 2021-04-22 13:29 - 001436351 _____ C:\Users\renee\Desktop\bartender template.zip
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Roaming\Autodesk
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Local\D3DSCache
2021-04-22 08:43 - 2021-04-22 08:43 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Autodesk
2021-04-22 08:37 - 2021-04-22 08:37 - 000000000 ____D C:\Users\Jimmy\AppData\Roaming\QODBC Driver for QuickBooks
2021-04-22 08:36 - 2021-04-22 08:36 - 000000000 ____D C:\Users\Jimmy\AppData\LocalLow\Intel
2021-04-20 16:27 - 2021-04-21 09:50 - 000011354 _____ C:\Users\renee\Desktop\RTO Labor Quotes and Actuals.xlsx
2021-04-20 15:07 - 2021-04-20 15:07 - 000015702 _____ C:\Users\renee\Downloads\profit-loss template - Copy (1).xlsx
2021-04-20 15:06 - 2021-04-20 15:06 - 000015702 _____ C:\Users\renee\Downloads\profit-loss template - Copy.xlsx
2021-04-20 09:19 - 2021-05-08 10:52 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-20 09:19 - 2021-05-08 10:52 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-20 09:19 - 2021-05-08 10:52 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-19 17:03 - 2021-04-19 17:03 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-19 17:03 - 2021-04-19 17:03 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-19 17:03 - 2021-04-19 17:03 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-19 17:03 - 2021-04-19 17:03 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-04-19 17:03 - 2021-04-19 17:03 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-19 17:02 - 2021-04-19 17:02 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-19 17:02 - 2021-04-19 17:02 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-19 17:02 - 2021-04-19 17:02 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-19 17:02 - 2021-04-19 17:02 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-04-19 17:02 - 2021-04-19 17:02 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-19 17:02 - 2021-04-19 17:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-19 17:02 - 2021-04-19 17:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-19 17:02 - 2021-04-19 17:02 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-19 17:01 - 2021-04-19 17:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-19 17:01 - 2021-04-19 17:01 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-19 17:01 - 2021-04-19 17:01 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-19 17:01 - 2021-04-19 17:01 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-19 17:01 - 2021-04-19 17:01 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-19 17:00 - 2021-04-19 17:00 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-19 17:00 - 2021-04-19 17:00 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-19 17:00 - 2021-04-19 17:00 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-19 17:00 - 2021-04-19 17:00 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-19 17:00 - 2021-04-19 17:00 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-19 17:00 - 2021-04-19 17:00 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-19 16:59 - 2021-04-19 16:59 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-19 16:59 - 2021-04-19 16:59 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-19 16:59 - 2021-04-19 16:59 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-19 16:58 - 2021-04-19 16:58 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-19 16:58 - 2021-04-19 16:58 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-19 16:58 - 2021-04-19 16:58 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-19 16:57 - 2021-04-19 16:57 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-19 16:56 - 2021-04-19 16:56 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-19 16:56 - 2021-04-19 16:56 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-19 16:56 - 2021-04-19 16:56 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-19 16:56 - 2021-04-19 16:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-19 16:56 - 2021-04-19 16:56 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-19 16:55 - 2021-04-19 16:55 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-19 16:54 - 2021-04-19 16:54 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-19 16:54 - 2021-04-19 16:54 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-19 16:53 - 2021-04-19 16:53 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-19 16:53 - 2021-04-19 16:53 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-19 16:53 - 2021-04-19 16:53 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-19 16:53 - 2021-04-19 16:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-19 16:53 - 2021-04-19 16:53 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-19 16:52 - 2021-04-19 16:52 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-19 16:52 - 2021-04-19 16:52 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-19 16:51 - 2021-04-19 16:51 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-19 16:51 - 2021-04-19 16:51 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-19 16:51 - 2021-04-19 16:51 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-19 16:50 - 2021-04-19 16:50 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-19 16:50 - 2021-04-19 16:50 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-19 16:49 - 2021-04-19 16:49 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-19 16:49 - 2021-04-19 16:49 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-19 16:49 - 2021-04-19 16:49 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-19 16:48 - 2021-04-19 16:48 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-19 16:48 - 2021-04-19 16:48 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-19 16:48 - 2021-04-19 16:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-19 16:48 - 2021-04-19 16:48 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-19 16:02 - 2021-04-19 16:02 - 000000000 ____D C:\WINDOWS\Firmware
2021-04-19 15:59 - 2020-04-27 22:44 - 000143160 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 001785712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-19 15:59 - 2020-04-27 22:43 - 001376328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-19 15:59 - 2020-04-27 22:43 - 001095280 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000955000 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000437568 _____ C:\WINDOWS\system32\ze_loader.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000163592 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000138344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000128336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-19 15:59 - 2020-04-27 22:43 - 000112976 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-19 15:59 - 2020-04-27 22:42 - 000292672 _____ C:\WINDOWS\system32\igfxCPL.cpl
2021-04-13 15:32 - 2021-04-13 15:32 - 000000000 ____D C:\Users\renee\Downloads\New folder
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-13 14:04 - 2018-01-19 11:25 - 000000000 ____D C:\Program Files (x86)\SAAZOD
2021-05-13 13:15 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 13:15 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-13 13:14 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-13 13:09 - 2017-05-02 14:37 - 000000000 ____D C:\Users\renee\Documents\Outlook Files
2021-05-13 12:59 - 2019-07-30 15:32 - 000000000 ____D C:\Users\renee\AppData\Local\CrashDumps
2021-05-13 12:55 - 2018-01-19 11:38 - 000001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2021-05-13 12:54 - 2019-10-23 14:31 - 000002136 _____ C:\Users\renee\Desktop\IMF Data.lnk
2021-05-13 12:54 - 2017-03-10 15:52 - 000000000 __SHD C:\Users\renee\IntelGraphicsProfiles
2021-05-13 12:53 - 2018-01-19 11:36 - 000270680 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2021-05-13 12:53 - 2018-01-19 11:36 - 000225736 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2021-05-13 12:53 - 2018-01-19 11:36 - 000000000 ____D C:\ProgramData\WRData
2021-05-13 12:52 - 2020-11-30 01:01 - 000000000 ____D C:\ProgramData\ScreenConnect Client (15747732edbf6a63)
2021-05-13 12:52 - 2020-08-31 14:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 12:52 - 2017-03-10 15:16 - 000000120 _____ C:\WINDOWS\system32\config\netlogon.ftl
2021-05-13 12:52 - 2017-01-12 20:34 - 000000000 ____D C:\Intel
2021-05-13 12:51 - 2019-12-07 04:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 12:22 - 2020-08-31 13:16 - 000002411 _____ C:\Users\renee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 12:22 - 2017-03-10 15:53 - 000000000 ___RD C:\Users\renee\OneDrive
2021-05-13 11:52 - 2019-10-01 08:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-13 11:52 - 2019-10-01 08:25 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-13 11:25 - 2020-08-31 14:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-13 11:12 - 2020-08-31 13:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-13 10:50 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 10:39 - 2018-01-26 00:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 10:29 - 2018-01-26 00:05 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 00:52 - 2017-03-10 15:17 - 000043446 __RSH C:\ProgramData\ntuser.pol
2021-05-13 00:30 - 2020-08-31 13:16 - 000000000 ____D C:\Users\renee
2021-05-13 00:26 - 2020-08-31 13:12 - 001406160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-13 00:22 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-05-13 00:22 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-13 00:22 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-13 00:22 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-13 00:19 - 2018-01-19 11:27 - 000001312 _____ C:\WINDOWS\SysWOW64\ipstuffNew.txt
2021-05-13 00:05 - 2018-01-19 11:38 - 000000000 ____D C:\ProgramData\LogMeIn
2021-05-12 21:42 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\security
2021-05-12 16:14 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-12 16:01 - 2018-12-28 13:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-12 15:08 - 2018-01-29 15:29 - 000000000 ____D C:\Users\renee\AppData\Local\Packages
2021-05-12 14:52 - 2017-03-10 15:52 - 000000000 ____D C:\Users\renee\AppData\Local\ConnectedDevicesPlatform
2021-05-12 14:28 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-12 14:01 - 2018-12-28 13:49 - 000000000 ____D C:\Users\renee\AppData\Local\Dropbox
2021-05-12 13:48 - 2018-12-28 13:53 - 000000000 ___RD C:\Users\renee\Dropbox
2021-05-12 13:32 - 2019-07-23 19:11 - 000000753 _____ C:\Users\renee\Documents\ConfigSummary.txt
2021-05-11 18:14 - 2018-01-09 13:57 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 18:14 - 2018-01-09 13:57 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 18:14 - 2018-01-09 13:57 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-11 15:54 - 2018-09-26 15:07 - 000002240 ____H C:\Users\renee\Documents\Default.rdp
2021-05-11 12:02 - 2018-02-09 13:01 - 000000000 ____D C:\Users\renee\AppData\Local\Glance
2021-05-11 10:13 - 2018-09-28 12:28 - 000000000 ____D C:\Program Files (x86)\GlanceGuest
2021-05-10 11:24 - 2016-07-16 06:47 - 000000131 _____ C:\WINDOWS\win.ini
2021-05-06 00:37 - 2018-12-28 13:49 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-06 00:37 - 2018-12-28 13:49 - 000000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-04 19:51 - 2020-08-31 14:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-04 19:51 - 2020-08-31 14:11 - 000003748 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-04 12:15 - 2018-01-10 09:21 - 000000000 ____D C:\ProgramData\SecTaskMan
2021-05-02 18:02 - 2017-03-22 09:50 - 000000000 ____D C:\ProgramData\Intuit
2021-05-01 00:37 - 2020-08-31 13:16 - 000000000 ____D C:\Users\VeriatoService
2021-05-01 00:37 - 2020-08-31 13:16 - 000000000 ____D C:\Users\SQLTELEMETRY$VERIATO360
2021-04-29 01:14 - 2021-01-23 01:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-27 08:29 - 2017-03-22 09:50 - 000000111 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2021-04-27 08:26 - 2018-08-22 10:01 - 000000000 ____D C:\Users\renee\AppData\Roaming\QuickBooks
2021-04-25 19:45 - 2021-04-04 05:39 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 19:45 - 2021-04-04 05:39 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-25 04:46 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-25 04:30 - 2018-01-19 11:33 - 000000000 ____D C:\ProgramData\SAAZOD
2021-04-25 04:29 - 2017-01-12 21:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-23 23:25 - 2020-10-09 12:20 - 000002136 _____ C:\Users\Jimmy\Desktop\IMF Data.lnk
2021-04-23 08:38 - 2020-08-31 14:11 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3262525730-2997792904-2310648795-1146
2021-04-23 08:38 - 2020-08-31 13:16 - 000002411 _____ C:\Users\Jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-23 08:38 - 2018-07-10 10:16 - 000000000 ___RD C:\Users\Jimmy\OneDrive
2021-04-22 08:44 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Google
2021-04-22 08:43 - 2019-10-29 12:32 - 000002280 _____ C:\Users\Public\Desktop\DWG TrueView 2020 - English.lnk
2021-04-22 08:43 - 2019-10-29 12:32 - 000002280 _____ C:\ProgramData\Desktop\DWG TrueView 2020 - English.lnk
2021-04-22 08:43 - 2019-10-29 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2020 - English
2021-04-22 08:43 - 2019-10-29 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-04-22 08:39 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Packages
2021-04-22 08:35 - 2018-07-10 10:14 - 000000000 __SHD C:\Users\Jimmy\IntelGraphicsProfiles
2021-04-22 08:35 - 2018-07-10 10:14 - 000000000 ____D C:\Users\Jimmy\AppData\Local\Intuit
2021-04-22 00:53 - 2020-08-31 13:34 - 002098286 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-20 19:08 - 2020-08-31 14:11 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 19:08 - 2020-08-31 14:11 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 17:20 - 2019-07-30 12:46 - 000000000 ____D C:\Users\renee\AppData\Local\DisplayFusion
2021-04-19 17:18 - 2019-12-07 04:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-19 17:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-19 17:17 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-19 17:13 - 2019-12-07 04:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-19 17:13 - 2019-12-07 04:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-19 16:47 - 2020-08-31 13:17 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-14 11:43 - 2021-04-05 09:40 - 000000000 ____D C:\Users\QBDataServiceUser31.RENEE-DELL
2021-04-13 11:43 - 2017-03-22 09:54 - 000000000 ____D C:\Users\renee\AppData\Local\Intuit
2021-04-13 11:37 - 2019-01-15 13:56 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job
2021-04-13 11:37 - 2019-01-15 13:56 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3262525730-2997792904-2310648795-1158.job
 
==================== Files in the root of some directories ========
 
2017-12-14 10:02 - 2017-12-14 10:02 - 000003774 _____ () C:\Program Files (x86)\desktop.ico
2018-01-19 11:33 - 2018-01-19 11:33 - 000000007 _____ () C:\Program Files (x86)\zsccVerWPStatus.txt
2021-01-12 10:14 - 2021-01-12 10:15 - 000040150 _____ () C:\Users\renee\AppData\Roaming\QBFileDrTool.log
2021-01-14 16:47 - 2021-01-14 16:52 - 000059705 _____ () C:\Users\renee\AppData\Roaming\QBFileDrTool_RENEE-DELL.log
2017-12-01 10:49 - 2017-12-11 12:08 - 000000149 _____ () C:\Users\renee\AppData\Roaming\WB.CFG
2019-04-16 18:13 - 2019-04-16 18:13 - 000284653 _____ () C:\Users\renee\AppData\Local\ClaPyncR
2018-01-29 17:36 - 2018-01-29 17:36 - 000000052 _____ () C:\Users\renee\AppData\Local\ClaPyncRAj
2019-08-20 11:30 - 2019-12-06 16:20 - 000010240 _____ () C:\Users\renee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-26 09:18 - 2018-09-26 09:18 - 000000000 _____ () C:\Users\renee\AppData\Local\oobelibMkey.log
2017-10-25 14:48 - 2019-09-05 11:41 - 000007602 _____ () C:\Users\renee\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by Renee (13-05-2021 14:08:08)
Running from C:\Users\renee\Desktop
Windows 10 Pro Version 2004 19041.928 (X64) (2020-08-31 19:12:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1037252052-873270737-574051151-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1037252052-873270737-574051151-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1037252052-873270737-574051151-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1037252052-873270737-574051151-501 - Limited - Disabled)
QBDataServiceUser28 (S-1-5-21-1037252052-873270737-574051151-1008 - Limited - Enabled) => C:\Users\QBDataServiceUser28
QBDataServiceUser31 (S-1-5-21-1037252052-873270737-574051151-1011 - Limited - Enabled) => C:\Users\QBDataServiceUser31.RENEE-DELL
Remote Support (S-1-5-21-1037252052-873270737-574051151-1009 - Administrator - Enabled) => C:\Users\Remote Support
VeriatoService (S-1-5-21-1037252052-873270737-574051151-1005 - Limited - Enabled) => C:\Users\VeriatoService
WDAGUtilityAccount (S-1-5-21-1037252052-873270737-574051151-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {EA22F846-E33A-0128-9418-185509C86920}
AV: Webroot SecureAnywhere (Enabled - Up to date) {DF901FA1-F926-253B-C464-B01C79DCAD48}
AV: Webroot SecureAnywhere (Enabled - Up to date) {A16A5B28-D1C0-417E-771B-123558EECC69}
AS: Webroot SecureAnywhere (Enabled - Up to date) {64F1FE45-DF1C-2AB5-FED4-8B6E025BE7F5}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_1) (Version: 24.0.1 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_0) (Version: 3.0 - Adobe Systems Incorporated)
Autodesk Design Review (HKLM-x32\...\Autodesk Design Review) (Version: 14.0.0.177 - Autodesk)
Autodesk DWG TrueView 2020 - English (HKLM\...\DWG TrueView 2020 - English) (Version: 23.1.48.0 - Autodesk)
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2016 (HKLM-x32\...\{5B860485-0F07-41DC-BA8C-3A839A141FBA}) (Version: 13.0.1601.5 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ActiveTouchMeetingClient) (Version:  - Cisco Webex LLC)
ClipGrab 3.8.11 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - The ClipGrab Project)
Core (HKLM\...\{48CD9577-944F-496C-B8AE-F6150240C2D1}) (Version: 1.1.227 - Webroot) Hidden
Cricut Design Space (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\{113DD42F-AE80-489B-8F15-FB8499306C48}) (Version: 5.11.54 - Cricut, Inc.)
Cricut Design Space (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Cricut Design Space 4.6.4) (Version: 4.6.4 - Cricut, Inc.)
Cricut Design Space Client (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Cricut Design Space Client) (Version: 5.8.1902.081258 - Provo Craft)
Critical Update for SQL Server 2016 MSVCRT Prerequisites (KB4019088) (64-bit) (HKLM\...\KB4019088) (Version: 13.0.1742.0 - Microsoft Corporation)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)
DisplayFusion 9.7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.7.1.0 - Binary Fortress Software)
Divar 2.30 PC Software (HKLM-x32\...\{EEC2E4A4-7E1B-11D6-B2AB-00508B911B9B}) (Version: 2.30 - Bosch Security Systems)
Driver Easy 5.6.9 (HKLM\...\DriverEasy_is1) (Version: 5.6.9 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
Epson ES Series User’s Guide (HKLM-x32\...\UsersGuideEpson ES Series User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Scan OCR Component Pro (HKLM-x32\...\{7C3DDC52-B63F-463D-B41E-9D619EF93823}) (Version: 1.0.7 - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{B9D455F0-E479-43BD-9401-C108D1AA46F9}) (Version: 3.5.4 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{2359E008-3C32-45B9-B984-39D46CDCA47B}) (Version: 4.6.0 - Seiko Epson Corporation)
GlanceGuest version 4.17.1.19 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.17.1.19 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
ITSPlatform (HKLM-x32\...\{1C78F4DD-ED19-4D76-A276-7038D66DA0C3}) (Version: 1.0.789 - ITSupport247)
ITSPlatform (HKLM-x32\...\{7ac03588-f73f-41c3-889e-7ef4cad3063d}) (Version: 1.0.789 - ITSupport247) Hidden
ITSupport247-DPMA (HKLM-x32\...\SAAZOD) (Version: 5.5.1 - ITSupport247)
LogMeIn (HKLM-x32\...\{4BA0A633-1A0C-4936-8BF5-9EA537E36BA8}) (Version: 4.1.9768 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.13127.21506 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Assessment and Planning Toolkit (HKLM-x32\...\{efc9da38-9049-44f6-a3da-f50e96eec31f}) (Version: 9.9.13.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{DB7B2107-C3C9-439E-BDA8-823CCC152977}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2016) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2016 Setup (English) (HKLM\...\{9916613E-6D6C-43B9-834F-91F438D4F403}) (Version: 13.0.1742.0 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM\...\{FE3BF1DD-677E-4793-9770-C07AECC88882}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{5084D16B-E1D2-4F25-8B86-A03B4F9E1A72}) (Version: 13.0.3225.4 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\0527a644a4ddd31d) (Version: 17.0.6523.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\Teams) (Version: 1.2.00.3961 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2016 (HKLM\...\{3E013EB4-FF9E-4CCA-BAB6-318932614FAE}) (Version: 13.0.1601.5 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
PanelPilot ACE Design Studio (HKLM-x32\...\{8748AA92-4C0A-41F5-8EC3-DA9598A3B5C9}) (Version: 4.0.2.4064 - Lascar Electronics Ltd.) Hidden
PanelPilot ACE Design Studio (HKLM-x32\...\InstallShield_{8748AA92-4C0A-41F5-8EC3-DA9598A3B5C9}) (Version: 4.0.2.4064 - Lascar Electronics Ltd.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
QODBC Driver (HKLM-x32\...\QODBC Driver) (Version:  - )
QuickBooks (HKLM-x32\...\{8FAA979A-67A1-4B58-8AA2-A93A13C7FBE2}) (Version: 31.0.4005.3103 - Intuit Inc.) Hidden
QuickBooks Advanced Reporting (HKLM\...\{07D0B043-1082-4667-9FBA-E2EFB35A42E5}) (Version: 2.9.1.0 - Intuit Inc.)
QuickBooks Advanced Reporting (HKLM\...\{496496A0-6C22-4C5E-A428-DC13B60171CD}) (Version: 2.9.1.0 - Intuit Inc.) Hidden
QuickBooks Desktop File Doctor (HKLM-x32\...\{07441683-C1C3-43BC-B3E7-F213B3A69B76}) (Version: 4.6.0.0 - Intuit Inc.)
QuickBooks Enterprise Solutions: Mfg and Whsle Edition 21.0 (HKLM-x32\...\{C334B95F-60B0-4BF6-B421-370BDDD6D40D}) (Version: 31.0.4005.3103 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks Tool Hub (HKLM-x32\...\{5A43047E-1ACD-4F89-99E6-69988300E6AB}) (Version: 1.4.0.0 - Intuit Inc.)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.31.20 - Quicken)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6124 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
ScreenConnect Client (15747732edbf6a63) (HKLM-x32\...\{24DA9058-985A-4101-AB2F-8F45E665233A}) (Version: 21.6.3172.7787 - ScreenConnect Software)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
SOLIDWORKS 2017 SP04.1 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.141.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP04.1 (HKLM-x32\...\SolidWorks Installation Manager 20170-40401-1100-100) (Version: 25.4.1.1 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP04.1 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP04.1 (HKLM\...\{CB113D0F-B49B-47DC-973D-491AD5E5012E}) (Version: 17.4.1001 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2017 SP04.1 (HKLM\...\{41487B2B-99A9-4E1B-90A3-433F6C228C72}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2017 SP04.1 (HKLM\...\{D802560E-F2DA-4CCD-85EB-C29437F112F2}) (Version: 25.41.1 - Dassault Systemes SolidWorks Corp) Hidden
SQL Server 2016 Batch Parser (HKLM\...\{D7A905DB-9A1E-4670-9488-F979F8A77A58}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{16F3645F-1343-4462-92DC-9AE66A2E68A3}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Common Files (HKLM\...\{57846DA8-8B5D-4466-B850-E8CDFC94046C}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{74940EE5-66DB-42E3-AC30-295D13B461A7}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Connection Info (HKLM\...\{8A3AE1F0-0752-435D-A01C-033BDD629C8B}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{0C457EC3-E998-4041-B856-908D5A2C1708}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Services (HKLM\...\{51574D2C-DE28-4441-BDC2-967F0FFC0918}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{686A81C0-C8E4-46F6-952F-B19A28E8C430}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Database Engine Shared (HKLM\...\{81CABA93-27C0-4BD9-9B5E-227C76B59F46}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{2FFF0757-4360-42F5-8814-16BB5CF0145F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 DMF (HKLM\...\{34A20DEE-6AD4-44A6-95FF-DFF95CD22B8C}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{D3FC7A31-F127-4E2A-96F6-B24FA7D3FFAF}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects (HKLM\...\{F8001E21-CFCC-47AD-A3B1-6B3EB6D35E48}) (Version: 13.0.14500.10 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{B6E1A5EB-1C58-4A04-B76B-E5FE1BE22CA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 Shared Management Objects Extensions (HKLM\...\{FA548BCB-5732-40F8-85B0-61515D18D9C1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 SQL Diagnostics (HKLM\...\{766BE25E-D2B5-4E76-BCB0-29B801BADB3F}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{8CF2CA8E-3984-46B9-B493-F844F3774FA1}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
SQL Server 2016 XEvent (HKLM\...\{E6FFAAAF-D8B5-4D46-8514-26E96D9F3D8D}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{0D9BD39A-A870-4FDF-B590-1E9787CF16D9}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
ToolSetup (HKLM-x32\...\{2440F52B-9D1B-43DC-A745-D846CF432A6E}) (Version: 1.0.0 - Default Company Name)
TurboMeeting (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\TurboMeeting) (Version: 3.0.580 - RHUB Communications, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Veriato 360 (HKLM-x32\...\{c0dee753-0166-4f0e-b5a4-409ca58100c3}) (Version: 9.0.3.52292 - Veriato Inc.)
Veriato 360 Database Setup (HKLM\...\{F478C59B-F3F6-4176-B497-E10579F23266}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Deployment Manager (HKLM\...\{B81A29FB-B794-4EE9-B1CB-9D8AF9C4CD44}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Deployment Service (HKLM\...\{CC5BF9F5-2DFF-4A77-A6F0-742DCCFF32DB}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Notification Services (HKLM\...\{3B237B2B-8A2C-4556-B11E-D1D6AB246E93}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Prerequisites (HKLM\...\{1502125B-C41E-4741-BFA3-A4EC68C0D60B}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Scheduler Service (HKLM\...\{43DDE7A0-C8D6-4D08-9B36-36A411382707}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Service (HKLM\...\{1ED14082-1AFE-423F-973C-AD3E3D50DC26}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 SignalR Service (HKLM\...\{ADFC97EF-2CA7-4018-A62B-79A2A5A88CF3}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato 360 Web UI Data Service (HKLM\...\{FE6757A9-89A0-47A1-B7E0-7694E8AC9A40}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato Exchange Recorder (HKLM\...\{51C29BD7-C57E-44B7-AE81-619843ADF436}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Veriato Management Console (HKLM\...\{2289D522-3840-4D54-BA23-53C7A6FF634A}) (Version: 9.0.3.52292 - Veriato Inc.) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD Backup (HKLM-x32\...\{786f930d-c00a-441a-9e9b-b74103f8acbb}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{BD6A391C-1CBE-4193-BCE6-89F550252C3B}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc) Hidden
WD Desktop App 2.1.0.246 (HKLM-x32\...\{efa29edd-d423-4291-b1d0-71428a78579f}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.246 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.5.152 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{C24328D2-3D94-4281-B174-3AD6F92012F7}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{d4b2783c-7832-4902-bca3-bbfccdda2fad}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{9CC1378D-FDA5-49EF-B2AE-7DF54DECCC26}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{af0fc1d4-5f37-40f2-a7c4-390d6ce1d270}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A904180103}) (Version: 9.24.49 - Webroot)
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A943290225}) (Version: 9.18.44 - Webroot)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Driver Package - Provo Craft & Novelty, Inc. (usbser) Ports  (08/01/2016 1.3.0.0) (HKLM\...\17736CDD02DF8CFDD0CC1097668A82C013C969F3) (Version: 08/01/2016 1.3.0.0 - Provo Craft & Novelty, Inc.)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zoom (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
ZoomInfo Contact Contributor (HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\ZoomInfo Contact Contributor) (Version: 59 - )
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-07-26] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-26] (Adobe Systems Incorporated)
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.4.8.0_x64__ynb6jyjzte8ga [2020-11-12] (Adobe Inc.)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-06-28] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.1.0_x86__ffd303wmbhcjt [2021-05-07] (BreeZip) [MS Ad]
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_4.2.42.0_x64__24pqs290vpjk0 [2021-03-04] (Actipro Software LLC)
Crafty File Viewer -> C:\Program Files\WindowsApps\BallardAppCraftery.CraftyFileViewer_1.1.0.24_neutral__epyrqhfctk40t [2018-02-05] (Ballard App Craftery)
Dell Document Hub -> C:\Program Files\WindowsApps\DellPrinter.DellDocumentHub_1.7.0.6_x64__nmdn7k89bxsn6 [2021-04-25] (DELL GLOBAL B.V. (SINGAPORE BRANCH))
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2018-01-29] (Duolingo Inc.)
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_4.0.21.0_neutral__a5h4egax66k6y [2020-07-09] (Ounce Digital)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-26] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Microsoft Wireless Display Adapter -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.227.139.0_x64__8wekyb3d8bbwe [2020-11-28] (Microsoft Corporation) [Startup Task]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-01-29] (Microsoft Research)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2019-11-19] (Pandora Media Inc) [Startup Task]
Power BI -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIForWindows_3221.30502.33830.0_x64__8wekyb3d8bbwe [2021-05-07] (Microsoft Corporation)
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.93.641.0_x64__8wekyb3d8bbwe [2021-05-13] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-06-20] (Adobe Systems Incorporated)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FADEE8DE10F5} -> [Creative Cloud Files] => C:\Users\renee\Creative Cloud Files [2018-01-17 16:20]
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19029.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2020 - English\en-US\dwgviewrficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2020 - English\dwgviewr.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\renee\AppData\Local\GoToMeeting\15939\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19029.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\Users\renee\AppData\Local\Microsoft\OffCAT\OffCATv2Addin.dll (Microsoft Corporation -> Microsoft)
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\renee\Dropbox [2018-12-28 13:53]
CustomCLSID: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2019-02-08] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-02-08] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2017-03-09] (Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-05-13] (Webroot Inc. -> Webroot)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5f0421f78ff0cab8\igfxDTCM.dll [2020-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-05-13] (Webroot Inc. -> Webroot)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\renee\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
ShortcutWithArgument: C:\Users\renee\Desktop\Renee ([email protected]) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\renee\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\[email protected] - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2016-10-24 18:34 - 2016-10-24 18:34 - 000010240 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\ChatServer.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2016-10-24 18:33 - 2016-10-24 18:33 - 000315392 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\log4net.dll
2019-10-23 12:21 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ScreenConnect Client (15747732edbf6a63) => ""="Service"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.msn.com/?pc=U220&ocid=U220DHP&osmkt=en-us
SearchScopes: HKLM -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL = 
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = 
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {5D17039F-E3FB-4274-B966-92E8E7A58336} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158 -> {D607C6D1-B158-4DB7-BE5A-644D3A74FBEF} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: No Name -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF}' -> No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {C6CC5486-937C-49ED-9D1B-4FDCDF4966BF}' -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler-x32: intu-help-qb14 - {C854407F-AA78-4036-A9C1-54EBA9BD3608} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\HelpAsyncPluggableProtocol.dll [2021-04-10] (Intuit, Inc. -> Intuit, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\sharepoint.com -> hxxps://imfincnewton-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Common Files\Bosch Security Systems;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime
HKU\S-1-5-21-1037252052-873270737-574051151-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1009\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1037252052-873270737-574051151-1011\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\Control Panel\Desktop\\Wallpaper -> C:\Users\renee\AppData\Local\DisplayFusion\Wallpaper_2.png
HKU\S-1-5-80-1932595877-2366943647-1318061336-960667907-2026828537\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.16.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2017 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RtHDVBg_MAXX6"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\StartupFolder: => "Cricut Taskbar Application.lnk"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "AutoStartVMA"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "Cricut Design Space3"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3262525730-2997792904-2310648795-1158\...\StartupApproved\Run: => "DisplayFusion"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F8C28A28-8542-4BBD-9BED-9986A588B36E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{B6D51E18-FCA8-4B59-B2A0-5E2B303A8E87}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [UDP Query User{BCBC65C9-20C3-4A12-9C60-125263501725}C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [TCP Query User{EF6F7731-A2DA-4796-B14C-524D1CF0E5A0}C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe] => (Allow) C:\users\renee\appdata\roaming\cricut design space\web\taskbar-application-win32\release\cricuttaskbarapplication.exe (Provo Craft & Novelty, Inc. -> Cricut, Inc.)
FirewallRules: [{B40A8FB9-B2EB-4F75-BBF3-DABEEB16CB5C}] => (Allow) LPort=1434
FirewallRules: [{3A7AA45A-41CA-4B5E-9DCC-1BA8B8BD6703}] => (Allow) LPort=63417
FirewallRules: [{244A29BD-A410-4B1C-930F-FA7A307FD611}] => (Allow) LPort=54709
FirewallRules: [{E4940793-DBF7-4749-8F51-DDD932CFA975}] => (Allow) LPort=443
FirewallRules: [TCP Query User{6472ABB2-4A88-4803-BFE0-F6016D59A19A}C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe] => (Allow) C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe (FLEXquarters.com Limited -> FLEXquarters.com Limited)
FirewallRules: [UDP Query User{AF8C85DC-65FE-4679-8C71-837232534B30}C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe] => (Allow) C:\program files (x86)\qodbc driver for quickbooks\qremote\server\qremoteserver.exe (FLEXquarters.com Limited -> FLEXquarters.com Limited)
FirewallRules: [TCP Query User{F2A0F109-93DA-44AC-B50D-79600CA6D5F0}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{D158559C-6D28-46ED-A8EC-D109023F8F09}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{971BF71D-CC83-4C7C-B1DB-974FB52F70DE}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [UDP Query User{CA5BBE49-B8C7-496D-A88F-5FF9E2522913}C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe => No File
FirewallRules: [TCP Query User{C6D74910-5DA2-4228-ABA2-973C86BE06A6}C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [UDP Query User{3DA159D1-3AA5-48A4-8B91-8609C78D8AB1}C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\renee\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [TCP Query User{D822C11A-DB2A-457B-AA9A-ED81FD908D04}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{3564C102-D141-4608-8452-2694E6A505A1}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{99B14C9D-6784-408C-B157-77847014B492}C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [UDP Query User{1256595B-0462-46F9-B263-1B51368271B8}C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\renee\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe => No File
FirewallRules: [{D99A99B5-644F-4A7A-9ABC-99AA6DA8CC76}] => (Allow) C:\Program Files (x86)\SAAZOD\BaseComponents\PatchManagement\zPMAMgmt.exe (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services, LLC.)
FirewallRules: [{F7AAEEBA-D402-4F85-AB0C-505C352640F9}] => (Allow) C:\Program Files (x86)\SAAZOD\BaseComponents\PatchManagement\zPMAMgmt.exe (CONTINUUM MANAGED SERVICES, LLC -> Continuum Managed Services, LLC.)
FirewallRules: [{67C3FF9C-5916-4652-AA94-8A9C53358E64}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{943B2B83-1639-4DF9-B98C-C0B41D712105}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{23EAFF84-C82C-4DA6-9C30-2AF37BD1E573}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{552E6A47-FC35-43EE-AFB2-CA5A0393AC56}C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [UDP Query User{1D2A654A-FB2D-46F6-934A-3F94FF576952}C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\dvr_16econtrolcenter.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [TCP Query User{3F244DDE-8C83-491F-B9C6-FFC7B771C652}C:\program files (x86)\bosch security systems\divar\bin\configtool.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\configtool.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [UDP Query User{4EF7C3F9-470C-4BDC-B71B-FB189BBCFBD3}C:\program files (x86)\bosch security systems\divar\bin\configtool.exe] => (Allow) C:\program files (x86)\bosch security systems\divar\bin\configtool.exe (Bosch Security Systems B.V.) [File not signed]
FirewallRules: [{CEC61171-AEB8-4C1A-8296-EA59D462D852}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{6CFA217D-53BB-4AEF-85CB-521BF0ED7E4E}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4A533558-E184-4E4E-A0D9-F0EDB9069FF7}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
FirewallRules: [{510AF887-AC1C-4729-BBDC-40DEC9EBA96B}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
FirewallRules: [{42855B6F-F9CD-4F04-9763-907F64A1E696}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25CF92AD-52DB-4CDC-A184-68B290F4DD95}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A45B2F01-0F3D-41CD-BF7D-865AB89654D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4E67ACC-1E67-4E6C-B68A-D80B44B5F3A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8E6EAD7-1A93-497A-8433-5F3278B1B576}] => (Allow) C:\Users\renee\AppData\Local\Temp\unpacksos\1\SRManagerSOS.exe => No File
FirewallRules: [{EA9AFEDE-31EB-4B08-8EEC-3E3E71D4AA02}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3ADCA4AA-1BFC-42EA-AAB8-16CF5FA56CA3}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbw32.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{CA1B8C86-1CA7-4927-AEA3-53395BA39CCA}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{4835F6C3-06DC-44B3-8308-3736264BA51E}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{C2936B2C-0B1A-40E6-B1AB-026768E34F30}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{99C986B1-95AC-4195-84A2-F3CA78410746}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\filemanagement.exe (Intuit, Inc. -> )
FirewallRules: [{C4E7D429-1DDF-4E40-B571-80F6D5CA1FF9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3064478B-384A-4C4B-8DB3-4FA9835C7309}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{F8B4275A-EE7D-4DC2-8E71-3AB425C03497}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{6303D724-9C6F-4418-947E-1B921F894373}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{97DA0EE0-39B1-4355-9494-C23EB8C2724A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{585436F8-43E6-4C63-8E53-982F4E933838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CF8DD5-7F99-4951-9A94-A472E5A7DB2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7DB02827-9B5C-4477-B436-691EC76EBC0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B504C4C3-4762-4244-BE96-81E7EF6A0870}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbdbmgrn.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{508B04E1-AFFD-46BE-B3CB-A1BCE4578F5A}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\qbdbmgrn.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{0DBD65AB-9027-4148-87C2-2DC28BBA786C}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{C2A127D5-7DC7-4E65-9EDE-67F7A98DC917}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{DE5B67D4-3F54-4146-94DA-9074E51D1022}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F821CA81-C996-4259-B082-32967F3524EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{437C6081-5057-4762-A83D-49D36DAD1A56}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7262972-EE1F-4C80-9D81-38749CA4BB89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C3201D2-BAE7-4D24-A162-6CFC57AA1657}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5578799C-33FF-4A24-BEC7-521E7633B722}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{153728FD-EA08-45E0-84BB-FF0EB7EA4127}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98565D1C-52C9-4283-9B32-F6B23FAFEC28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5BD41E14-0188-4570-AB77-DE22BFF032F9}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{2FC9765B-CE22-4E59-AD89-4D04AF729B85}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{818A5E90-9FF4-404C-AA68-8AA57AED7BF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{78FAFCB5-420B-4FE9-A5FA-2B66E8286C11}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFE5939F-B580-4173-BD7F-23B366A764FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A586C97-B0E5-46E7-8774-9F779B4E7FB7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD3B3F10-45AF-4E58-A30A-D259C9E20A4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{49980D6E-A567-4D17-8BD1-6CF98950C939}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{839E1E54-A014-4129-A523-4D15749F5C91}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (05/13/2021 12:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x31b8
Faulting application start time: 0x01d74821af96450c
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: de62b4f8-9794-4666-84bd-08f1d5ae23b4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/13/2021 12:59:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
   at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
 
Error: (05/13/2021 12:59:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x2de4
Faulting application start time: 0x01d74821a56fdb61
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: f778a146-aed4-4fd5-86d8-21cc98a29dc0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/13/2021 12:59:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
   at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
 
Error: (05/13/2021 12:58:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.19041.928, time stamp: 0xbc61eb13
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x2e1c
Faulting application start time: 0x01d74821476b4d3b
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: caae7914-0301-4a27-aa31-db1f78e2be89
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/13/2021 12:58:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at AutoPtr<OdSmartPtr<OdDbObject> >.Reset(OdSmartPtr<OdDbObject>*)
   at AutoPtr<OdSmartPtr<OdDbObject> >.Dispose(Boolean)
 
Error: (05/13/2021 12:57:22 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from datastore.
 
Error: (05/13/2021 12:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 14.8.9.1053, time stamp: 0x5718affa
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04f610a5
Faulting process id: 0x2c70
Faulting application start time: 0x01d7482134ff1802
Faulting application path: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: 34f87b1c-6d0e-4b6a-8529-ec3017f57eb5
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (05/13/2021 12:56:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/13/2021 12:55:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (05/13/2021 12:55:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
 
Error: (05/13/2021 12:52:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BootstrapService service terminated with the following error: 
Incorrect function.
 
Error: (05/13/2021 12:18:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/13/2021 12:17:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (05/13/2021 12:17:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
 
Error: (05/13/2021 12:13:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BootstrapService service terminated with the following error: 
Incorrect function.
 
 
CodeIntegrity:
===============
Date: 2021-05-13 14:09:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Webroot\WRSA.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.14.2 12/24/2020
Motherboard: Dell Inc. 0HKCW0
Processor: Intel® Core™ i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 67%
Total physical RAM: 8095.85 MB
Available physical RAM: 2639.35 MB
Total Virtual: 8607.85 MB
Available Virtual: 2000.04 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.54 GB) (Free:106.2 GB) (Protected) NTFS
Drive e: () (Fixed) (Total: ? GB) (Free: ? GB) (Protected) (Locked) 
 
\\?\Volume{89d5afb3-3f51-4f55-a775-86209c659f61}\ () (Fixed) (Total:0.85 GB) (Free:0.41 GB) NTFS
\\?\Volume{e6814e32-bcd3-408c-be49-1c4f598ac3c6}\ (Image) (Fixed) (Total:10.76 GB) (Free:0.52 GB) NTFS
\\?\Volume{f1b449e4-6b40-46b3-9074-4b34afeecfa4}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7A047024)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 

  • 0

Advertisements

#2
RKinner
Posted 14 May 2021 - 08:53 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You have 4 programs that might be used to login to your computer from elsewhere:

 

LogMeIn

 

ITSupport247-DPMA

 

ScreenConnect Client

 

GlanceGuest version 4.17.1.19

 

If you did not install them I would remove them.  If you did install them I would change the passwords on them and make sure they are secure. 

 

You also have an account

Remote Support (S-1-5-21-1037252052-873270737-574051151-1009 - Administrator - Enabled) => C:\Users\Remote Support

 

Not sure what that's for.

 

If you need to remove it:

https://support.micr...2b-e4dbd1dcdf32

 

 

 

Also you have SpyProtector.exe running.  This has a bad rep as a rogue program that claims you have an infection even when you don't:

 

https://www.bleeping...ve-spyprotector

 

You should look at your Dell Support site and see if they have a newer version of

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.



Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: virus, spyware malware removal

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP