Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2022
Ran by stu (administrator) on STU (25-01-2022 14:29:19)
Running from C:\Users\stu\Downloads
Loaded Profiles: defaultuser0 & stu
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avanquest UK Ltd -> Avanquest Software) C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe
(Evolis S.A.R.L. -> Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\ESPFSvc.exe
(Evolis S.A.R.L. -> Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.11.46\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.11.46\nsWscSvc.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Users\stu\Downloads\NPE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.241\IsAppService.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [477728 2021-10-07] (Restoro Ltd -> Restoro) <==== ATTENTION
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [Avanquest Message] => C:\Users\stu\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [594800 2021-04-08] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [GoogleChromeAutoLaunch_ADC7E0A059E0139FB44149734A3133AA] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [MicrosoftEdgeAutoLaunch_852D4AA59420528FFA9B7730FF8D325A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [com.messenger] => C:\Users\stu\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (No File)
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Run: [Amazon Music Helper] => C:\Users\stu\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-11-18] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2850149270-2595152120-825338289-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:39A55176-E579-4582-8EE4-A287F72A08F9 (No File)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:449F700E-2B32-4117-A6C5-D042B94CCB1E (No File)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:30B8DDF0-9DDC-40da-B878-4E2ACE51364F (No File)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:7C02A8C0-A93D-4075-A9B6-715076B8B8FF (No File)
HKLM\...\Print\Monitors\Evolis TCP/IP Monitor: C:\WINDOWS\system32\evotcpipmon.dll [49664 2009-04-28] (Evolis) [File not signed]
HKLM\...\Print\Monitors\EvoUN01 Language Monitor: C:\WINDOWS\system32\evoun01mon.dll [112432 2019-12-17] (Evolis -> Evolis Card Printer)
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\WINDOWS\system32\hpinkstsa011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\WINDOWS\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\AppCompatFlags\Custom\setuppad.exe: [{4ce0e4e1-4c9a-4e48-bfaf-aab5dabd96a8}.sdb] -> setuppad
HKLM\Software\...\AppCompatFlags\InstalledSDB\{4ce0e4e1-4c9a-4e48-bfaf-aab5dabd96a8}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{4ce0e4e1-4c9a-4e48-bfaf-aab5dabd96a8}.sdb [2012-01-06]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evolis Printer Manager.lnk [2021-06-24]
ShortcutTarget: Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis -> Evolis Card Printer)
Startup: C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-11-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0127AF04-1144-43E4-9EF7-B74A3E935C7B} - System32\Tasks\InPixio\Update => C:\Program Files\InPixio\Photo Studio 11\PhotoStudioIPS11.exe [3239472 2021-07-12] (Avanquest Logiciels (7270356 Canada Inc) -> InPixio)
Task: {10118188-AB2D-42DE-BBD9-24D232EB6E18} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {104A0D7D-6C72-49C0-9EF6-B7C054A3B34A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-11-26] (HP Inc. -> HP Inc.)
Task: {1BE46790-8DF2-40FD-ACC5-9594A1EDFBB5} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {2454A179-17B7-4663-9005-4A7CD25D2E38} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.11.46\SymErr.exe [108752 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {2D7DFE14-BE55-4A25-AD2E-19E7BDF82DB8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38609168-7802-499C-9AE1-19C37FF7CD1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {432625B2-F934-473B-8AFE-3EFF525E6A5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6348792 2022-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {4926FE79-529F-454B-97D1-E0CCFA316304} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe /AUTOUPDATEIN (No File)
Task: {49390988-4D6E-4B3F-A109-E1C7335C946A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {49DEF0A5-65BE-4A65-85A2-8CD0C1684578} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4AFCA4A0-343C-463E-822C-76C8B4130086} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.11.46\SymErr.exe [108752 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {4D5CF878-D8C8-4A71-8350-28513F16DD96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5009D10C-9753-46B5-94C0-526BCB05F9A3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {55A2EFA5-459B-4E12-B99D-89FB96101E48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E4561B7-B8EC-4BC0-BF3F-9D4DEC9EE43C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-03-27] (Google Inc -> Google LLC)
Task: {65CA41A2-19C0-42A5-8686-6386FA874BB6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6C57D20F-068A-48BD-9CF6-A8ED024EFE56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7761206F-5059-40E2-BCA2-4B3D65B00CC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {78C50DC5-050C-4F49-B95E-32800702DB0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-03-27] (Google Inc -> Google LLC)
Task: {79E80DF8-D367-46DA-A4B0-3C4F9E60D0C8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.11.46\WSCStub.exe [646520 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7D7C3CC3-027A-4243-9B37-6ADA546DD42B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9380DA4B-391F-411C-A87F-E45A6153237D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6348792 2022-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {99183EDE-6188-48C8-9CA9-A4E4C1E39211} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A46430A7-4939-47F1-9F50-0BA61223925E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7CB4D82-AB29-4AEB-9B65-EDE838EFC667} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.11.46\SymErr.exe [108752 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {B7B59E4C-BEC3-4415-A826-C0AEC3399F84} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C913B9AD-79F7-4D73-BD18-1C351FE7F5B6} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe (No File)
Task: {CF2DF50F-4E44-431D-AD7D-B0BAB795450A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF68BFBA-1C0A-449C-9D3F-2A9450AE17EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {D50CEA35-3E6E-47EC-8505-2F6928787E8E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {D53A84C5-75F5-4548-8E5F-364717818278} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D556C7CC-3F20-4BB7-8011-5D3A91B89F63} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3F3B433-40EE-47C1-9C52-F77E6257EB11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E884FD26-EE61-4E05-9643-08B204663287} - System32\Tasks\CCleanerSkipUAC - stu => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F1A49B84-C414-4715-A37A-F20478961899} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9DCD8DE-5C2B-4843-ACB6-04CCB61E52EF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9DD9BB8-ABE6-45A6-8A34-A7C413345C0E} - System32\Tasks\{86ED9C8F-D76C-444C-939C-676464459998} => C:\Windows\system32\pcalua.exe -a E:\OnePlus_setup.exe -d E:\ -c /s
Task: {FCC09E12-1073-4CA0-8E12-E665D4A370FD} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DriverUpdate_update_stu.job => C:\Users\stu\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Updates\hdd.exe
Task: C:\WINDOWS\Tasks\Restoro-After-Restart.job => C:\ProgramData\Restoro\revert\after-restart\AfterRepairLauncher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{08f56f86-6e68-43a8-b43c-51f6269b9c2e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b753e8c-559c-4155-9309-ebac587e51d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{664a2313-79fb-45dc-b5fb-c2176d91d21b}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{686E1526-5487-4579-9D5C-7D997F0C562C}: [NameServer] 10.255.0.0

Edge:
=======
DownloadDir: C:\Users\stu\Downloads
Edge Notifications: HKU\S-1-5-21-2850149270-2595152120-825338289-1001 -> hxxps://www.facebook.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> EdgeExtension_HoneyScienceCorporationHoney_cbe4c63gm1mzr => C:\Program Files\WindowsApps\HoneyScienceCorporation.Honey_11.4.2.0_neutral__cbe4c63gm1mzr [not found]
Edge Extension: (IBM Security Rapport) -> EdgeExtension_IBMTrusteerIBMTrusteerRapport_756wk15nt3n8e => C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-04-15]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\stu\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge Notifications: Default -> hxxps://mail.google.com; hxxps://manage.wix.com; hxxps://www.diy.com; hxxps://www.facebook.com; hxxps://www.snizl.com; hxxps://www.softonic.com
Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\stu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-12-11]
Edge Extension: (Norton Safe Search) - C:\Users\stu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikkagnliefbhcdgnnhfidhhbocdhkdeb [2021-12-28]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.facebook.com
CHR NewTab: Default -> Active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR Extension: (Slides) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-27]
CHR Extension: (Norton Password Manager) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2021-11-18]
CHR Extension: (Docs) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-27]
CHR Extension: (Google Drive) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (IBM Security Rapport) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-08-31]
CHR Extension: (YouTube) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-27]
CHR Extension: (Sheets) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-27]
CHR Extension: (Norton Safe Web) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (HOME | Mysite) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\helinbfmfjpbgceiemlhohilbedonahg [2020-06-28]
CHR Extension: (Klarna | Shop now. Pay later.) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2021-12-11]
CHR Extension: (Norton Home Page) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2021-12-25]
CHR Extension: (Dashboard | Wix.com) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkiknnokfagcdaeeanngikfjpimpdkdh [2020-06-30]
CHR Extension: (Norton Safe) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-12-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Profile: C:\Users\stu\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-29]
CHR Profile: C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-29]
CHR Extension: (Slides) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-05]
CHR Extension: (Docs) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-05]
CHR Extension: (Google Drive) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-09-05]
CHR Extension: (IBM Security Rapport) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-09-05]
CHR Extension: (YouTube) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-05]
CHR Extension: (Sheets) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-05]
CHR Extension: (Google Docs Offline) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-05]
CHR Extension: (Gmail) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-05]
CHR Extension: (Chrome Media Router) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-05]
CHR Profile: C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-11-29]
CHR NewTab: Profile 2 -> "active": false, "entry": "chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR DefaultSearchURL: Profile 2 -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> nortonsafe
CHR DefaultSuggestURL: Profile 2 -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=en&q={searchTerms}
CHR Extension: (Slides) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-20]
CHR Extension: (Norton Password Manager) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\admmjipmmciaobhojoghlmleefbicajg [2021-11-02]
CHR Extension: (Docs) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-20]
CHR Extension: (Google Drive) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-20]
CHR Extension: (YouTube) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-20]
CHR Extension: (Sheets) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-20]
CHR Extension: (Norton Safe Web) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-15]
CHR Extension: (Norton Home Page) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2021-10-14]
CHR Extension: (Norton Safe) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2021-09-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-20]
CHR Extension: (Gmail) - C:\Users\stu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-20]
CHR Profile: C:\Users\stu\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-29]
CHR HKU\S-1-5-21-2850149270-2595152120-825338289-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-25 14:26 - 2022-01-25 14:30 - 000029107 _____ C:\Users\stu\Downloads\FRST.txt
2022-01-25 14:24 - 2022-01-25 14:27 - 000000000 ____D C:\FRST
2022-01-25 14:24 - 2022-01-25 14:24 - 002311680 _____ (Farbar) C:\Users\stu\Downloads\FRST64 (1).exe
2022-01-25 14:24 - 2022-01-25 14:24 - 000000000 ____D C:\Users\stu\Downloads\FRST-OlderVersion
2022-01-25 13:41 - 2022-01-25 13:41 - 000119048 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR540.SYS
2022-01-25 13:41 - 2022-01-25 13:41 - 000000020 _____ C:\WINDOWS\system32\Drivers\SMR540.dat
2022-01-25 10:12 - 2022-01-25 10:12 - 000000000 ____D C:\Users\stu\AppData\Local\NPE
2022-01-25 10:11 - 2022-01-25 10:11 - 017617120 _____ (NortonLifeLock Inc.) C:\Users\stu\Downloads\NPE.exe
2022-01-25 07:25 - 2022-01-25 07:25 - 000000000 ___HD C:\$WinREAgent
2022-01-24 21:26 - 2022-01-24 21:26 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850149270-2595152120-825338289-1001
2022-01-24 21:25 - 2022-01-24 21:26 - 000002373 _____ C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-23 10:00 - 2022-01-23 10:00 - 008369755 _____ (UserBenchmark.com) C:\Users\stu\Downloads\UserBenchMark (3).exe
2022-01-23 09:45 - 2022-01-23 09:45 - 008369755 _____ (UserBenchmark.com) C:\Users\stu\Downloads\UserBenchMark (2).exe
2022-01-23 08:54 - 2022-01-23 08:54 - 000302990 _____ C:\Users\stu\OneDrive\Documents\pc 2022.XML
2022-01-23 08:49 - 2022-01-23 08:49 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-23 08:49 - 2022-01-23 08:49 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-01-19 19:06 - 2022-01-19 19:06 - 000001423 _____ C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-01-19 19:03 - 2022-01-19 19:03 - 000780855 _____ C:\Users\stu\OneDrive\Documents\Scan0001.pdf
2022-01-18 06:34 - 2022-01-25 15:45 - 099876864 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-01-16 13:24 - 2022-01-16 13:24 - 000000392 _____ C:\WINDOWS\Tasks\Restoro-After-Restart.job
2022-01-16 13:05 - 2022-01-16 13:05 - 000022808 _____ C:\WINDOWS\system32\Native.exe
2022-01-16 12:55 - 2022-01-16 12:55 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-16 12:25 - 2022-01-16 12:26 - 000000000 ____D C:\Program Files\Restoro
2022-01-16 12:25 - 2022-01-16 12:25 - 000001745 _____ C:\Users\Public\Desktop\Restoro.lnk
2022-01-16 12:25 - 2022-01-16 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro
2022-01-16 12:24 - 2022-01-17 23:13 - 000000000 ____D C:\ProgramData\Restoro
2022-01-16 12:23 - 2022-01-16 12:23 - 000932808 _____ (Restoro) C:\Users\stu\Downloads\Restoro.exe
2022-01-16 12:16 - 2022-01-16 12:16 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-01-16 12:14 - 2022-01-16 12:14 - 001153656 _____ (Avast Software) C:\Users\stu\Downloads\avast_cleanup_online_setup.exe
2022-01-13 21:08 - 2022-01-13 21:08 - 000002901 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP December 2021-2022 (1).PDF
2022-01-13 21:08 - 2022-01-13 21:08 - 000002880 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP November 2021-2022.PDF
2022-01-13 20:39 - 2022-01-13 20:39 - 000000000 ____D C:\Users\stu\AppData\LocalLow\Adobe
2022-01-13 20:39 - 2022-01-13 20:39 - 000000000 ____D C:\Users\stu\AppData\Local\SolidDocuments
2022-01-13 20:38 - 2022-01-13 20:38 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 20:37 - 2022-01-13 20:37 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-13 20:37 - 2022-01-13 20:37 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-13 20:35 - 2022-01-13 20:35 - 000000000 ____D C:\Program Files\Adobe
2022-01-13 20:34 - 2022-01-13 20:39 - 000000000 ____D C:\ProgramData\Adobe
2022-01-13 20:34 - 2022-01-13 20:35 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-01-13 20:32 - 2022-01-15 11:13 - 000000000 ____D C:\Users\stu\AppData\Local\Adobe 2022-01-13 16:41 - 2022-01-13 16:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2022-01-03 16:05 - 2022-01-03 16:05 - 000298496 _____ C:\Users\stu\OneDrive\Documents\Publication2.pub 2022-01-03 09:57 - 2022-01-03 09:57 - 000161344 _____ C:\Users\stu\Downloads\room hire2022 back page2.pdf 2022-01-03 09:42 - 2022-01-03 09:42 - 000332288 _____ C:\Users\stu\OneDrive\Documents\Publication12.pub 2022-01-02 12:10 - 2022-01-02 12:11 - 000304127 _____ C:\Users\stu\OneDrive\Documents\Doc1.odt 2022-01-02 09:49 - 2022-01-02 09:42 - 000292711 _____ C:\Users\stu\OneDrive\Documents\room hire form 2022.pdf 2022-01-02 09:42 - 2022-01-02 09:42 - 000292711 _____ C:\Users\stu\Downloads\room hire form 2022.pdf 2022-01-02 09:39 - 2022-01-02 09:39 - 000292711 _____ C:\Users\stu\Downloads\room hire form 2022 2022-01-02 09:00 - 2022-01-02 09:00 - 000002901 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP December 2021-2022.PDF ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2022-01-25 14:27 - 2019-03-27 22:23 - 000000000 ____D C:\Program Files (x86)\Google 2022-01-25 14:21 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-25 13:50 - 2019-03-27 21:49 - 000000000 ____D C:\Users\stu\AppData\Local\Packages 2022-01-25 13:36 - 2021-05-27 20:33 - 000000000 ____D C:\ProgramData\NVIDIA 2022-01-25 13:34 - 2021-12-25 12:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2022-01-25 13:34 - 2021-09-22 21:11 - 000000000 ____D C:\Program Files\CCleaner 2022-01-25 13:33 - 2020-07-31 01:41 - 001018942 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-01-25 13:33 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF 2022-01-25 13:33 - 2019-03-27 21:51 - 000000000 ___RD C:\Users\stu\OneDrive 2022-01-25 13:24 - 2021-11-18 18:01 - 000008192 ___SH C:\DumpStack.log.tmp 2022-01-25 13:24 - 2020-07-31 01:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-01-25 13:24 - 2020-07-31 01:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-01-25 12:33 - 2019-04-02 20:05 - 000000000 ____D C:\Users\stu\AppData\Local\PlaceholderTileLogoFolder 2022-01-25 11:08 - 2021-05-23 07:56 - 000000000 ____D C:\Users\stu\AppData\Roaming\HpUpdate 2022-01-25 10:12 - 2021-07-29 19:39 - 000000000 ____D C:\ProgramData\Norton 2022-01-25 10:09 - 2021-07-29 19:40 - 000000000 ____D C:\Program Files (x86)\NortonInstaller 2022-01-25 08:15 - 2020-07-31 01:28 - 000000000 ____D C:\Users\defaultuser0 2022-01-25 08:03 - 2020-07-31 01:28 - 000000000 ____D C:\Users\stu 2022-01-25 07:44 - 2021-05-29 11:42 - 000000000 ____D C:\Users\stu\AppData\Local\CrashDumps 2022-01-25 07:44 - 2019-12-07 09:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-01-25 07:30 - 2019-03-27 22:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-25 07:17 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-01-25 07:12 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-01-24 21:34 - 2019-12-07 
09:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-24 21:34 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-01-24 21:26 - 2021-12-11 00:01 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2850149270-2595152120-825338289-1001 2022-01-22 21:28 - 2021-08-17 14:34 - 000000000 ____D C:\Users\stu\AppData\Local\Jagex 2022-01-22 20:22 - 2020-07-31 01:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-22 20:22 - 2020-07-31 01:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-22 10:59 - 2020-05-23 11:33 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-01-22 10:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-01-18 19:47 - 2020-07-31 01:51 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-18 19:47 - 2020-07-31 01:51 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-18 06:34 - 2019-04-04 04:21 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-01-17 23:12 - 2021-05-08 13:05 - 000000178 _____ C:\WINDOWS\restoro.ini 2022-01-16 13:26 - 2021-06-15 21:30 - 000000000 _____ C:\WINDOWS\system32\Restoro.rep 2022-01-16 12:28 - 2020-01-23 18:07 - 000000000 ____D C:\ProgramData\Avast Software 2022-01-16 12:28 - 2020-01-22 20:39 - 000000000 ____D C:\Users\stu\AppData\Roaming\Avast Software 2022-01-15 12:29 - 2019-03-28 19:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-01-13 20:39 - 2019-03-27 21:49 - 000000000 ____D C:\Users\stu\AppData\Roaming\Adobe 2022-01-12 18:56 - 2019-03-28 23:02 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-01-12 18:56 - 2019-03-28 23:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-11 19:46 - 2021-12-25 12:38 - 000002435 _____ C:\Users\Public\Desktop\Norton Security.lnk 2022-01-11 19:46 - 2021-12-25 12:38 - 000000000 ___RD 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2022-01-10 18:23 - 2021-07-29 17:51 - 001033282 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2022-01-02 09:24 - 2021-11-21 12:46 - 000000000 ____D C:\Users\stu\Downloads\mortgage renewal2022 2021-12-30 13:37 - 2019-03-28 17:43 - 000000000 ____D C:\Users\stu\OneDrive\Documents\jamie file ==================== Files in the root of some directories ======== 2020-08-29 08:23 - 2020-08-29 08:23 - 000000017 _____ () C:\Users\stu\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation) R2 Evolis Print Center Service; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe [2541888 2019-11-14] (Evolis S.A.R.L. -> Evolis Card Printer) R2 Evolis Services Provider; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\ESPFSvc.exe [1721152 2019-11-14] (Evolis S.A.R.L. -> Evolis Card Printer) R2 eXpert PDF 10 Manager; C:\ProgramData\Avanquest Software\eXpert PDF 10 Manager\eXpert PDF 10\eXpert PDF 10 Manager.exe [963832 2016-02-10] (Avanquest UK Ltd -> Avanquest Software) S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.) 
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-11-26] (HP Inc. -> HP Inc.) R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.241\IsAppService.exe [495240 2018-07-26] (Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.11.46\NortonSecurity.exe [343336 2021-12-13] (NortonLifeLock Inc. -> Broadcom) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.11.46\nsWscSvc.exe [1059176 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016648 2021-11-08] (IBM -> IBM Corp.) R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [9310216 2021-02-07] (Restoro Ltd -> Restoro) <==== ATTENTION S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2016-10-20] (VIA Technologies Inc. -> VIA Technologies, Inc.) 
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) 
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.21.5.44\Definitions\BASHDefs\20220124.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\ccSetx64.sys [192256 2021-12-13] (Symantec Corporation -> Symantec Corporation) S3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [19968 2015-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Cypress Semiconductor, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-06-03] (Martin Malik - REALiX -> REALiX(tm)) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.21.5.44\Definitions\IPSDefs\20220124.061\IDSvia64.sys [1480144 2022-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R3 JmUsbCcgp; C:\WINDOWS\system32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp. -> JMicron Technology Corp.) R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> ) R0 MxEFUF; C:\WINDOWS\System32\drivers\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc. 
-> Matrox Graphics Inc.) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\nsvst.sys [56080 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [456168 2021-11-08] (IBM -> IBM Corp.) R1 RapportCerberus_2104058; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2104058.sys [1491920 2021-12-17] (IBM -> IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [554792 2021-11-08] (IBM -> IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [405032 2021-11-08] (IBM -> IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [455824 2021-11-08] (IBM -> IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [576144 2021-11-08] (IBM -> IBM Corp.) R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.) R1 SMR540; C:\WINDOWS\System32\drivers\SMR540.SYS [119048 2022-01-25] (NortonLifeLock Inc. -> Symantec Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\SRTSP64.SYS [892600 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\SRTSPX64.SYS [48824 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\SYMEFASI64.SYS [2030768 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\SymELAM.sys [31984 2021-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.21.5.44\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\Ironx64.SYS [319152 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\symnets.sys [575344 2021-12-13] (Symantec Corporation -> Symantec Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-13] (Microsoft Windows -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150B0.02E\wpCtrlDrv.sys [1015760 2021-12-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2022-01-25 14:31 - 2022-01-25 14:33 - 000019665 _____ C:\Users\stu\Downloads\Addition.txt 2022-01-25 14:26 - 2022-01-25 14:31 - 000059355 _____ C:\Users\stu\Downloads\FRST.txt 2022-01-25 14:24 - 2022-01-25 14:30 - 000000000 ____D C:\FRST 2022-01-25 14:24 - 2022-01-25 14:24 - 002311680 _____ (Farbar) C:\Users\stu\Downloads\FRST64 (1).exe 2022-01-25 14:24 - 2022-01-25 14:24 - 000000000 ____D C:\Users\stu\Downloads\FRST-OlderVersion 2022-01-25 13:41 - 2022-01-25 13:41 - 000119048 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR540.SYS 2022-01-25 13:41 - 2022-01-25 13:41 - 000000020 _____ C:\WINDOWS\system32\Drivers\SMR540.dat 2022-01-25 10:12 - 2022-01-25 10:12 - 000000000 ____D C:\Users\stu\AppData\Local\NPE 2022-01-25 10:11 - 2022-01-25 10:11 - 017617120 _____ (NortonLifeLock Inc.) C:\Users\stu\Downloads\NPE.exe 2022-01-25 07:25 - 2022-01-25 07:25 - 000000000 ___HD C:\$WinREAgent 2022-01-24 21:26 - 2022-01-24 21:26 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850149270-2595152120-825338289-1001 2022-01-24 21:25 - 2022-01-24 21:26 - 000002373 _____ C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-23 10:00 - 2022-01-23 10:00 - 008369755 _____ (UserBenchmark.com) C:\Users\stu\Downloads\UserBenchMark (3).exe 2022-01-23 09:45 - 2022-01-23 09:45 - 008369755 _____ (UserBenchmark.com) C:\Users\stu\Downloads\UserBenchMark (2).exe 2022-01-23 08:54 - 2022-01-23 08:54 - 000302990 _____ C:\Users\stu\OneDrive\Documents\pc 2022.XML 2022-01-23 08:49 - 2022-01-23 08:49 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-01-23 08:49 - 2022-01-23 08:49 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-01-19 19:06 - 2022-01-19 19:06 - 000001423 _____ C:\Users\stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2022-01-19 19:03 - 2022-01-19 19:03 - 000780855 _____ C:\Users\stu\OneDrive\Documents\Scan0001.pdf 2022-01-18 06:34 - 
2022-01-25 15:45 - 099876864 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-01-16 13:24 - 2022-01-16 13:24 - 000000392 _____ C:\WINDOWS\Tasks\Restoro-After-Restart.job 2022-01-16 13:05 - 2022-01-16 13:05 - 000022808 _____ C:\WINDOWS\system32\Native.exe 2022-01-16 12:55 - 2022-01-16 12:55 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-01-16 12:25 - 2022-01-16 12:26 - 000000000 ____D C:\Program Files\Restoro 2022-01-16 12:25 - 2022-01-16 12:25 - 000001745 _____ C:\Users\Public\Desktop\Restoro.lnk 2022-01-16 12:25 - 2022-01-16 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro 2022-01-16 12:24 - 2022-01-17 23:13 - 000000000 ____D C:\ProgramData\Restoro 2022-01-16 12:23 - 2022-01-16 12:23 - 000932808 _____ (Restoro) C:\Users\stu\Downloads\Restoro.exe 2022-01-16 12:16 - 2022-01-16 12:16 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-01-16 12:14 - 2022-01-16 12:14 - 001153656 _____ (Avast Software) C:\Users\stu\Downloads\avast_cleanup_online_setup.exe 2022-01-13 21:08 - 2022-01-13 21:08 - 000002901 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP December 2021-2022 (1).PDF 2022-01-13 21:08 - 2022-01-13 21:08 - 000002880 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP November 2021-2022.PDF 2022-01-13 20:39 - 2022-01-13 20:39 - 000000000 ____D C:\Users\stu\AppData\LocalLow\Adobe 2022-01-13 20:39 - 2022-01-13 20:39 - 000000000 ____D C:\Users\stu\AppData\Local\SolidDocuments 2022-01-13 20:38 - 2022-01-13 20:38 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-01-13 20:37 - 2022-01-13 20:37 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-01-13 20:37 - 2022-01-13 20:37 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-01-13 20:35 - 2022-01-13 20:35 - 000000000 ____D C:\Program Files\Adobe 2022-01-13 20:34 - 2022-01-13 20:39 - 000000000 ____D C:\ProgramData\Adobe 
2022-01-13 20:34 - 2022-01-13 20:35 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-01-13 20:32 - 2022-01-15 11:13 - 000000000 ____D C:\Users\stu\AppData\Local\Adobe 2022-01-13 16:41 - 2022-01-13 16:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2022-01-03 16:05 - 2022-01-03 16:05 - 000298496 _____ C:\Users\stu\OneDrive\Documents\Publication2.pub 2022-01-03 09:57 - 2022-01-03 09:57 - 000161344 _____ C:\Users\stu\Downloads\room hire2022 back page2.pdf 2022-01-03 09:42 - 2022-01-03 09:42 - 000332288 _____ C:\Users\stu\OneDrive\Documents\Publication12.pub 2022-01-02 12:10 - 2022-01-02 12:11 - 000304127 _____ C:\Users\stu\OneDrive\Documents\Doc1.odt 2022-01-02 09:49 - 2022-01-02 09:42 - 000292711 _____ C:\Users\stu\OneDrive\Documents\room hire form 2022.pdf 2022-01-02 09:42 - 2022-01-02 09:42 - 000292711 _____ C:\Users\stu\Downloads\room hire form 2022.pdf 2022-01-02 09:39 - 2022-01-02 09:39 - 000292711 _____ C:\Users\stu\Downloads\room hire form 2022 2022-01-02 09:00 - 2022-01-02 09:00 - 000002901 _____ C:\Users\stu\Downloads\hillstuart1@hotmail.co.uk¦STUART HILL¦PAYSLIP December 2021-2022.PDF ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2022-01-25 14:27 - 2019-03-27 22:23 - 000000000 ____D C:\Program Files (x86)\Google 2022-01-25 14:21 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-25 13:50 - 2019-03-27 21:49 - 000000000 ____D C:\Users\stu\AppData\Local\Packages 2022-01-25 13:36 - 2021-05-27 20:33 - 000000000 ____D C:\ProgramData\NVIDIA 2022-01-25 13:34 - 2021-12-25 12:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2022-01-25 13:34 - 2021-09-22 21:11 - 000000000 ____D C:\Program Files\CCleaner 2022-01-25 13:33 - 2020-07-31 01:41 - 001018942 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-01-25 13:33 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF 2022-01-25 13:33 - 2019-03-27 21:51 - 000000000 ___RD C:\Users\stu\OneDrive 2022-01-25 13:24 - 2021-11-18 18:01 - 000008192 ___SH C:\DumpStack.log.tmp 2022-01-25 13:24 - 2020-07-31 01:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-01-25 13:24 - 2020-07-31 01:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-01-25 12:33 - 2019-04-02 20:05 - 000000000 ____D C:\Users\stu\AppData\Local\PlaceholderTileLogoFolder 2022-01-25 11:08 - 2021-05-23 07:56 - 000000000 ____D C:\Users\stu\AppData\Roaming\HpUpdate 2022-01-25 10:12 - 2021-07-29 19:39 - 000000000 ____D C:\ProgramData\Norton 2022-01-25 10:09 - 2021-07-29 19:40 - 000000000 ____D C:\Program Files (x86)\NortonInstaller 2022-01-25 08:15 - 2020-07-31 01:28 - 000000000 ____D C:\Users\defaultuser0 2022-01-25 08:03 - 2020-07-31 01:28 - 000000000 ____D C:\Users\stu 2022-01-25 07:44 - 2021-05-29 11:42 - 000000000 ____D C:\Users\stu\AppData\Local\CrashDumps 2022-01-25 07:44 - 2019-12-07 09:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-01-25 07:30 - 2019-03-27 22:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-25 07:17 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-01-25 07:12 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-01-24 21:34 - 2019-12-07 
09:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-24 21:34 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-01-24 21:26 - 2021-12-11 00:01 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2850149270-2595152120-825338289-1001 2022-01-22 21:28 - 2021-08-17 14:34 - 000000000 ____D C:\Users\stu\AppData\Local\Jagex 2022-01-22 20:22 - 2020-07-31 01:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-22 20:22 - 2020-07-31 01:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-22 10:59 - 2020-05-23 11:33 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-01-22 10:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-01-18 19:47 - 2020-07-31 01:51 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-18 19:47 - 2020-07-31 01:51 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-18 06:34 - 2019-04-04 04:21 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-01-17 23:12 - 2021-05-08 13:05 - 000000178 _____ C:\WINDOWS\restoro.ini 2022-01-16 13:26 - 2021-06-15 21:30 - 000000000 _____ C:\WINDOWS\system32\Restoro.rep 2022-01-16 12:28 - 2020-01-23 18:07 - 000000000 ____D C:\ProgramData\Avast Software 2022-01-16 12:28 - 2020-01-22 20:39 - 000000000 ____D C:\Users\stu\AppData\Roaming\Avast Software 2022-01-15 12:29 - 2019-03-28 19:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-01-13 20:39 - 2019-03-27 21:49 - 000000000 ____D C:\Users\stu\AppData\Roaming\Adobe 2022-01-12 18:56 - 2019-03-28 23:02 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-01-12 18:56 - 2019-03-28 23:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-11 19:46 - 2021-12-25 12:38 - 000002435 _____ C:\Users\Public\Desktop\Norton Security.lnk 2022-01-11 19:46 - 2021-12-25 12:38 - 000000000 ___RD 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2022-01-10 18:23 - 2021-07-29 17:51 - 001033282 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2022-01-02 09:24 - 2021-11-21 12:46 - 000000000 ____D C:\Users\stu\Downloads\mortgage renewal2022 2021-12-30 13:37 - 2019-03-28 17:43 - 000000000 ____D C:\Users\stu\OneDrive\Documents\jamie file ==================== Files in the root of some directories ======== 2020-08-29 08:23 - 2020-08-29 08:23 - 000000017 _____ () C:\Users\stu\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================