Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022 Ran by Drew (administrator) on MERIDIAN30 (Hewlett-Packard HP ENVY 15 x360 PC) (12-02-2022 11:31:11) Running from C:\Users\Drew Owens\Downloads Loaded Profiles: Drew Platform: Windows 10 Home Version 21H1 19043.1526 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\REDRAGON IMPACT Gaming Mouse\hid.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe <2> (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoasb.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.XACTWARE\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7569624 2014-04-03] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [TUCCDUtil] => C:\Program Files (x86)\Mct Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe [1895120 2016-02-19] (Magic Control Technology Corp. -> Magic Control Technology Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation) HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-09-25] (Corel Corporation -> WinZip Computing, S.L.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed] HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3792648 2015-10-21] (Intuit, Inc. -> Intuit Inc. All rights reserved.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [REDRAGON IMPACT Gaming Mouse] => C:\Program Files (x86)\REDRAGON IMPACT Gaming Mouse\hid.exe [962048 2019-01-15] () [File not signed] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-04] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Power2GoExpress8] => [X] HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Google Update] => C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-01-21] (Google LLC -> Google LLC) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [12541936 2016-11-08] (Plex, Inc -> Plex, Inc.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Amazon Photos] => C:\Users\Drew Owens\AppData\Local\Amazon Drive\AmazonPhotos.exe [10327240 2022-01-20] (Amazon.com Services LLC -> Amazon.com Inc.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Drew Owens\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-08-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\RunOnce: [Application Restart #9] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2766064 2022-02-04] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\RunOnce: [Application Restart #6] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2766064 2022-02-04] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-13] (Adobe Inc. -> Adobe) HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\hpzpp696: C:\Windows\System32\spool\prtprocs\x64\hpzpp696.dll [266752 2008-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\LMUD1O4C: C:\Windows\System32\spool\prtprocs\x64\LMUD1O4C.DLL [283152 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\WINDOWS\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) HKLM\...\Print\Monitors\KM Language Monitor: C:\WINDOWS\system32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) HKLM\...\Print\Monitors\PCL Language Monitor: C:\WINDOWS\system32\hpz3l696.dll [131072 2008-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\...\Print\Monitors\Tif Port: C:\WINDOWS\system32\v_localmon_rc.dll [23552 2016-01-11] (Copyright© RingCentral, inc.) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-11] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink) HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-08-04] (Softex Inc..) [File not signed] HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-08-04] (Softex Inc..) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-16] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-04-20] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-01-26] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-01-26] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-03-23] ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-06-07] ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-03-23] ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk [2016-04-10] ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit, Inc. -> Intuit) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-04-10] ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 14.0\QBW32.EXE (Intuit, Inc. -> Intuit Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-08-19] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing) Startup: C:\Users\Drew Owens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Craftsman Software Update.lnk [2017-11-04] ShortcutTarget: Craftsman Software Update.lnk -> C:\Program Files (x86)\Common Files\Craftsman\CSU\CSUClient.exe (Craftsman Book Co. of America Inc. -> Craftsman Book Company) [File not signed] Startup: C:\Users\Drew Owens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-01-26] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Drew Owens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-08-19] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {007EB496-3F48-4777-9A59-8C256309FF56} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (No File) Task: {040E4A91-7CCE-45EF-B944-456E6A0BF2AE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {07A31DBE-F416-4923-BA79-B1429D61D967} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {0B7B225C-6C7D-47E3-BA11-55D725CA57FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-07-15] (HP Inc. -> HP Inc.) Task: {0E03D81E-64B0-44F8-8793-39795C0C971A} - \WPD\SqmUpload_S-1-5-21-3404635299-2440590617-3582906486-1001 -> No File <==== ATTENTION Task: {1A687BA8-F2C6-4C00-BF3D-A04E403DA6F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-12] (Microsoft Corporation -> Microsoft Corporation) Task: {20FDBC9D-58BD-47DA-A92A-2D9CA7F892CA} - System32\Tasks\AdobeAAMUpdater-1.0-Meridian30-Drew Owens => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {213CAE78-BC70-494C-B1B8-795C3BF26A33} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard) Task: {27515927-0643-466A-AEC5-7D642DA8A02B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {32F27DB5-AD5A-4041-B8AE-6E6CE72CCDB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File) Task: {3B270B5F-C868-4E37-B082-EF8C0A6FD4C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {3D599493-E2ED-4D82-AD10-0BC20DF12341} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-12] (Microsoft Corporation -> Microsoft Corporation) Task: {3F157DF6-A105-4BE0-B588-FD10F0F7538B} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) Task: {3FDCE0A8-FC5D-4CD6-B471-F48D284ED7A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {49B146D8-3D47-40B2-B4C3-F38FAD2B5907} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-16] (HP Inc. -> ) Task: {4CA8CA59-D5BE-4514-A4D2-04A111624C48} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {4F13496F-19AE-4B69-9DA8-2017B3E6DB37} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {524A2F13-D6B7-4987-A45E-3C93A01E91E5} - System32\Tasks\G2MUpdateTask-S-1-5-21-3404635299-2440590617-3582906486-1001 => C:\Users\Drew Owens\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-19] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {55456DE1-4A54-460C-B26B-66870118BE05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {55AEB31F-DDF2-4BB8-B49D-73313CD92CD8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3404635299-2440590617-3582906486-1001UA => C:\Users\Drew Owens\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-10-11] (Google Inc -> Google Inc.) Task: {5650C120-3D33-492F-9040-7E484A68C4DF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {590A8FD3-0295-4820-85C9-DDBF403B8DCF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-12] (Microsoft Corporation -> Microsoft Corporation) Task: {5A290DEA-9E4B-4F78-AB0C-B905D969F8A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-13] (Adobe Inc. -> Adobe) Task: {5A2FA985-C7D9-481D-9701-39C2574D8AD3} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {5D176018-AE92-4C41-92B3-8C086D001FE9} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation) Task: {5F5B26DD-54A3-416A-BB00-E4664E7BAA8E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7347928 2017-02-07] (Piriform Ltd -> Piriform Ltd) Task: {6117E4A0-1ADE-4E7F-A968-80CF6D7BD56E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {6172768F-74F5-46E5-B92A-F5AECD2D3FC0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {62832D16-438E-4F86-9A2D-5F200D490DFA} - System32\Tasks\G2MUploadTask-S-1-5-21-3404635299-2440590617-3582906486-1001 => C:\Users\Drew Owens\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-19] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {652A1C32-4B2A-4A46-9B9B-08C9B2B3C770} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {65305717-C561-4E0A-AFA0-F13A3ECE9232} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.) Task: {6C4DBA86-2B3C-4FFD-B83C-17732AEBC971} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {6E230833-7710-4824-91AF-169EAAE26914} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {78B62E39-6EEB-4665-AADA-A2C19EBE3EC0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {78C21E43-6E2C-4A17-BBC7-DA646848F0FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-10-28] (HP Inc. -> HP Inc.) Task: {842E9760-C259-42E4-8635-1EDB8193D399} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {852BE041-2B0F-43F1-9059-796D46E64DF4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3404635299-2440590617-3582906486-1001Core => C:\Users\Drew Owens\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-10-11] (Google Inc -> Google Inc.) Task: {86CB62BE-25F7-43C6-9580-89F70661199F} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8A3AA800-9079-44E9-9614-8FAA3A0B9A62} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1738504 2015-09-04] (Intel(R) Software -> Intel Corporation) Task: {914A76C8-DA17-4901-8EDC-37698A50E634} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation) Task: {9332E425-C327-46FC-81E5-2FB6ACBA48BB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {9CBA98FD-235F-4C24-9F43-3B5D200C44E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {A3022176-2AD2-4260-8EBB-F59C197BAA12} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4716280 2015-01-30] (Softex Incorporated -> Hewlett-Packard) Task: {A3886E17-BB18-4561-A44F-2ADCC87AAA9C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {A42E752D-AFF7-4C36-AC18-C81266A98E73} - System32\Tasks\AdobeAAMUpdater-1.0-Meridian30-Drew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A8A93A74-815F-4D02-8F9C-69A4E94A8C5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-12] (Microsoft Corporation -> Microsoft Corporation) Task: {B0BC66EF-AAAE-48F3-AA57-1D1D7BDFA50A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {B4BF50C5-9303-4342-AB45-2DD18754ABFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {B6E2669E-82DE-4C8D-B3D3-1492457457C8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1174504 2022-02-12] (Microsoft Corporation -> Microsoft Corporation) Task: {C9C75BA8-5A27-47CF-B3CD-096D22F0C9A5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {CA500B63-4E46-495C-8AA7-1D7FC79A4C44} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {CC20166A-45E0-4677-BBEC-6CA5D69B5B8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-13] (Adobe Inc. -> Adobe) Task: {CDF92522-14A3-405D-8E21-CDD3D3C9F7C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CE60B751-660B-4E2F-A68C-5C6CB42E20A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {CEF0EDC6-D075-46D0-8B1C-76AAAFBBCA45} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {D300E66F-F896-4B3D-A3D7-AFCC0A1CCF36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN44GB415Z => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.) Task: {E071EC09-B022-42F8-8E66-8D64DA1E85E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E232DA8E-C2D0-48D6-913C-00D95AFFA45D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {E4B981D8-7298-420D-B4D7-745F75F1F3A4} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {E770BCBF-877D-4FA6-A994-ED401D473079} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation) Task: {E8C4F925-6409-4430-88AC-BF0367AAE781} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E8F53CF0-1C03-492D-B163-9F433A7F6924} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard) Task: {E9C45DFE-2C20-4C57-B6F3-ABF0500E7787} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {EB172F0E-7000-4FC7-83F5-74AB9BFC6794} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {F399ED94-6E97-4969-893F-4FEE772AC273} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {F5CA997A-8DC9-4050-8F20-11FA5F439422} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.) Task: {F71673B3-A235-4975-A446-2832538F1EC7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {F76A957C-1A49-426B-BD18-67FC35B8F5A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {F88E223C-FE60-491C-B985-AB39301290CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FDFF33C8-0441-482B-86C3-496018BF0382} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-11] (Adobe Inc. -> Adobe) Task: {FF2ABC63-4C99-4C9D-B9D8-9EF297E180A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3404635299-2440590617-3582906486-1001.job => C:\Users\Drew Owens\AppData\Local\GoToMeeting\19932\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3404635299-2440590617-3582906486-1001.job => C:\Users\Drew Owens\AppData\Local\GoToMeeting\19932\g2mupload.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 Tcpip\..\Interfaces\{a2110b38-d86f-48f0-b407-ccc48109b8dd}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{dcba33c2-b08b-4331-b550-277d891a5c84}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e56ef71c-9ffe-406a-86b2-2c51bf7485eb}: [DhcpNameServer] 10.0.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge DefaultProfile: Default Edge Profile: C:\Users\Drew Owens\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-04] FireFox: ======== FF DefaultProfile: vajvojym.default FF ProfilePath: C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default [2020-11-21] FF Homepage: Mozilla\Firefox\Profiles\vajvojym.default -> hxxps://www.bing.com/?pc=HI2F FF NewTab: Mozilla\Firefox\Profiles\vajvojym.default -> about:newtab FF NetworkProxy: Mozilla\Firefox\Profiles\vajvojym.default -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\vajvojym.default -> hxxps://helpx.adobe.com FF Extension: (Hide My Ass! Web Proxy) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\extension@hidemyass.com.xpi [2015-09-29] [Legacy] FF Extension: (Firebug) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-07] [Legacy] FF Extension: (Xmarks Bookmark Sync) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\foxmarks@kei.com.xpi [2018-03-11] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2020-04-29] FF Extension: (LastPass: Free Password Manager) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\support@lastpass.com.xpi [2020-05-04] FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-29] FF SearchPlugin: C:\Users\Drew Owens\AppData\Roaming\Mozilla\Firefox\Profiles\vajvojym.default\searchplugins\yahoo-ysp.xml [2015-07-01] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-03-05] FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-08-04] [Legacy] [not signed] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-13] (Adobe Inc. -> ) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-01-26] (LastPass -> LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-04] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-13] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] (Apple Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-01-26] (LastPass -> LastPass) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-04] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Profile 5 CHR Profile: C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-16] CHR Profile: C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-02-12] CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-02-04] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-15] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-04] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-02-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-16] CHR Profile: C:\Users\Drew Owens\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-16] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] CHR HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [obkbegmlhbcannjaipgolkppiccljkof] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01] CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] CHR HKLM-x32\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-13] (Adobe Inc. -> Adobe) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-04] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation) S4 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4279056 2014-01-27] (Nuance Communications, Inc. -> Nuance Communications, Inc.) S4 GManager; C:\WINDOWS\system32\GManager.exe [313432 2012-08-28] (Magic Control Technology Corp. -> ) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-21] (HP Inc. -> HP Inc.) S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S4 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation) S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation) S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) S4 MlPatch; C:\WINDOWS\system32\MlPatch.exe [2244912 2014-08-22] (Magic Control Technology Corp. -> ) S2 MSSQL$PACCAR2; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.PACCAR2\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation) R2 MSSQL$XACTWARE; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.XACTWARE\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation -> Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S4 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed] S4 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [277504 2017-09-18] (Visioneer Inc.) [File not signed] S4 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1897456 2016-11-08] (Plex, Inc -> Plex, Inc.) R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S4 ptsysexec; C:\Windows\ptsysexec.exe [237664 2016-03-29] (Pismo Technic Inc. -> Pismo Technic Inc.) S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-10-22] (Intuit) [File not signed] S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2015-10-21] (Intuit Inc.) [File not signed] S4 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2015-10-21] (Intuit Inc.) [File not signed] S4 QuickBooksDB26; C:\Program Files (x86)\Intuit\QuickBooks 2016\QBDBMgrN.exe [127792 2015-10-21] (SAP -> Intuit, Inc.) [File not signed] S4 SQLAgent$PACCAR2; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.PACCAR2\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation) S4 SQLAgent$XACTWARE; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.XACTWARE\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer -> TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed] S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [111344 2020-02-10] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-11-04] (SurfRight B.V. -> ) R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP) R3 mctkmd; C:\WINDOWS\system32\drivers\mctkmd64.sys [174712 2016-08-29] (Magic Control Technology Corp. -> Magic Control Technology Corporation) R0 mctkmdldr; C:\WINDOWS\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corp. -> Magic Control Technology Corporation) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel(R) Technology Access -> Intel Corporation) R3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel(R) Technology Access -> Intel Corporation) S3 pfmfs_181; C:\WINDOWS\System32\Drivers\pfmfs_181.sys [256904 2016-03-29] (Pismo Technic Inc. -> Pismo Technic Inc.) R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 t2usb64; C:\WINDOWS\system32\drivers\t2usb64.sys [358704 2016-09-21] (Magic Control Technology Corp. -> Magic Control Technology Corp.) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2018-04-19] (Microsoft Corporation) [File not signed] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-11] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-11-04] (Zemana Ltd. -> Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-11-04] (Zemana Ltd. -> Zemana Ltd.) S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X] S3 MpKsl9c987d53; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{521CF657-8047-47A9-8925-9FC5031564EA}\MpKslDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-02-12 11:30 - 2022-02-12 11:30 - 000000000 ____D C:\Users\Drew Owens\Downloads\FRST-OlderVersion 2022-02-12 11:28 - 2022-02-12 11:30 - 002311680 _____ (Farbar) C:\Users\Drew Owens\Downloads\FRST64.exe 2022-02-12 10:42 - 2022-02-12 10:42 - 000017328 _____ C:\Users\Drew Owens\Downloads\tammy_whitten_gadsden_al_people_search_202202111805.pdf 2022-02-12 09:08 - 2022-02-12 09:10 - 000000000 ____D C:\Users\Drew Owens\Documents\My Timelines 2022-02-12 09:08 - 2022-02-12 09:08 - 000000000 ____D C:\Users\Drew Owens\AppData\Roaming\Progeny Software Inc 2022-02-12 09:07 - 2022-02-12 09:07 - 000000000 ____D C:\Program Files (x86)\Timeline Maker Pro Add-in for PowerPoint 2022-02-12 08:51 - 2022-02-12 08:51 - 000002066 _____ C:\Users\Public\Desktop\Timeline Maker Pro v4.lnk 2022-02-12 08:50 - 2022-02-12 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Timeline Maker Pro v4 2022-02-12 08:49 - 2022-02-12 09:08 - 000000000 ____D C:\Program Files (x86)\Timeline Maker Pro v4 2022-02-12 08:40 - 2022-02-12 08:43 - 026069504 _____ (Progeny Software Inc.) C:\Users\Drew Owens\Downloads\TimelineMakerPro_4-5-40_Install.exe 2022-02-12 01:00 - 2022-02-12 07:18 - 000000000 ____D C:\Users\Drew Owens\AppData\Local\Amazon Drive 2022-02-12 01:00 - 2022-02-12 01:00 - 000001286 _____ C:\Users\Drew Owens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk 2022-02-11 16:57 - 2022-02-11 16:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-02-11 16:57 - 2022-02-11 16:57 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-02-11 16:54 - 2022-02-11 16:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-02-11 16:54 - 2022-02-11 16:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2022-02-11 16:54 - 2022-02-11 16:54 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-02-11 16:13 - 2022-02-11 16:13 - 000000000 ___HD C:\$WinREAgent 2022-02-07 16:48 - 2022-02-07 16:48 - 000171036 _____ C:\Users\Drew Owens\Downloads\vkukzna4sohyf512c442wjgd_c4602ed9-e7a4-438a-a5b7-ec6a233dfae4.pdf 2022-02-07 16:48 - 2022-02-07 16:48 - 000045010 _____ C:\Users\Drew Owens\Downloads\vkukzna4sohyf512c442wjgd_af1a5cb3-d334-408a-978c-e12747feb69e.pdf 2022-02-07 16:46 - 2022-02-07 16:46 - 000466645 _____ C:\Users\Drew Owens\Downloads\vkukzna4sohyf512c442wjgd_e9bf206c-064a-4172-b875-187399e45a75.pdf 2022-02-07 16:45 - 2022-02-07 16:45 - 000589325 _____ C:\Users\Drew Owens\Downloads\vkukzna4sohyf512c442wjgd_4c042fb3-7e6c-424c-bfd1-81e7c8ed20f8.pdf 2022-02-04 14:08 - 2022-02-04 14:08 - 000000000 ____D C:\Users\Drew Owens\AppData\Local\SolidDocuments 2022-02-04 13:08 - 2022-02-04 13:09 - 000000000 ___HD C:\adobeTemp 2022-02-04 12:59 - 2022-02-04 12:59 - 000001393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-02-04 12:59 - 2022-02-04 12:59 - 000001363 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2022-01-14 11:17 - 2022-01-14 11:17 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-14 11:17 - 2022-01-14 11:17 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-02-12 11:45 - 2016-04-25 06:42 - 000000000 ____D C:\Users\Drew Owens\Documents\outlook 2 2022-02-12 11:45 - 2015-01-26 19:55 - 000000000 ____D C:\Users\Drew Owens\Documents\Outlook Files 2022-02-12 11:39 - 2017-11-04 15:05 - 000169280 _____ C:\WINDOWS\ZAM.krnl.trace 2022-02-12 11:39 - 2017-11-04 15:05 - 000135491 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2022-02-12 11:37 - 2017-02-28 11:40 - 000053934 _____ C:\Users\Drew Owens\Downloads\FRST.txt 2022-02-12 11:35 - 2017-02-28 11:40 - 000000000 ____D C:\FRST 2022-02-12 11:26 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-12 10:49 - 2015-01-26 15:08 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-12 10:02 - 2021-12-05 08:00 - 000001288 _____ C:\Users\Drew Owens\Desktop\Amazon Backup.lnk 2022-02-12 09:48 - 2017-06-06 14:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-02-12 09:46 - 2020-08-02 09:19 - 000934898 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-12 09:46 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF 2022-02-12 09:45 - 2020-08-02 08:48 - 000000000 ____D C:\Users\Drew Owens 2022-02-12 09:41 - 2020-08-02 10:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-12 09:41 - 2020-08-02 08:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-02-12 09:41 - 2020-08-02 08:38 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-12 09:41 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-02-12 09:37 - 2016-07-11 09:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-02-12 03:55 - 2020-06-03 06:55 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-12 03:55 - 2020-06-03 06:55 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-02-12 03:55 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-12 03:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-12 01:15 - 2020-07-06 20:35 - 000000000 ____D C:\Users\Drew Owens\AppData\Local\PlaceholderTileLogoFolder 2022-02-12 01:10 - 2015-01-26 17:51 - 000000000 ____D C:\Users\Drew Owens\Documents\Youcam 2022-02-12 00:33 - 2020-08-02 08:39 - 010453480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-02-12 00:29 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-02-12 00:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-02-12 00:27 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing 2022-02-11 17:16 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-02-11 16:58 - 2020-11-21 13:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-02-11 16:54 - 2020-08-02 08:48 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-02-11 16:11 - 2015-02-09 15:53 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-02-11 15:53 - 2015-02-09 15:53 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-02-11 08:24 - 2015-01-26 15:08 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-02-11 08:24 - 2015-01-26 15:08 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-02-11 08:03 - 2018-02-25 05:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-02-11 07:56 - 2018-05-21 04:26 - 000000000 ____D C:\Users\Drew Owens\Documents\Remodeling Customers 2022-02-06 15:50 - 2015-05-14 08:14 - 000000000 ____D C:\My Web Sites 2022-02-04 14:08 - 2017-12-31 11:56 - 000000000 ____D C:\Users\Drew Owens\AppData\Local\Packages 2022-02-04 13:09 - 2016-10-22 19:22 - 000000000 ___RD C:\Users\Drew Owens\Creative Cloud Files 2022-02-04 13:08 - 2015-01-26 16:15 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-02-04 13:03 - 2015-01-26 16:13 - 000000000 ____D C:\Program Files\Adobe 2022-02-04 12:59 - 2015-01-26 16:05 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-02-04 12:49 - 2015-01-26 17:49 - 000000000 ____D C:\Users\Drew Owens\AppData\Roaming\Adobe 2022-02-03 14:38 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-01-31 17:40 - 2022-01-01 14:13 - 000000000 ____D C:\Users\Drew Owens\Documents\Case Records All Time 2022-01-31 17:40 - 2021-05-15 08:57 - 000000000 ____D C:\Users\Drew Owens\Documents\new filings 2022-01-29 07:47 - 2020-08-02 10:00 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-29 07:47 - 2020-08-02 10:00 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-27 08:03 - 2021-12-13 07:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3404635299-2440590617-3582906486-1001 2022-01-27 08:03 - 2020-08-02 10:00 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3404635299-2440590617-3582906486-1001 2022-01-27 08:03 - 2020-08-02 08:48 - 000002446 _____ C:\Users\Drew Owens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-21 06:43 - 2020-08-02 10:00 - 000003694 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3404635299-2440590617-3582906486-1001UA 2022-01-21 06:43 - 2020-08-02 10:00 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3404635299-2440590617-3582906486-1001Core 2022-01-21 06:43 - 2020-08-02 10:00 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-21 06:43 - 2020-08-02 10:00 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-19 07:12 - 2015-01-28 07:07 - 000000000 ____D C:\Users\Drew Owens\Documents\Word 2022-01-15 00:26 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-01-15 00:26 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-01-15 00:26 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-01-14 08:05 - 2020-08-02 10:00 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-01-14 08:02 - 2021-03-31 17:28 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2022-01-14 08:02 - 2021-03-31 17:28 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk ==================== Files in the root of some directories ======== 2015-01-26 19:14 - 2015-01-26 19:14 - 014147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe 2015-03-04 11:17 - 2018-06-17 07:35 - 000000034 _____ () C:\Users\Drew Owens\AppData\Roaming\AdobeWLCMCache.dat 2016-12-20 06:06 - 2017-02-06 14:05 - 000009322 _____ () C:\Users\Drew Owens\AppData\Roaming\Comma Separated Values.EML 2015-07-15 07:20 - 2015-07-15 07:26 - 000000028 _____ () C:\Users\Drew Owens\AppData\Roaming\kulerdata.json 2016-04-03 08:23 - 2016-04-11 10:02 - 000003715 _____ () C:\Users\Drew Owens\AppData\Roaming\QBFileDrTool.log 2015-01-28 11:29 - 2019-08-04 13:05 - 000001456 _____ () C:\Users\Drew Owens\AppData\Local\Adobe Save for Web 13.0 Prefs 2018-09-20 13:27 - 2020-07-08 08:40 - 000000309 _____ () C:\Users\Drew Owens\AppData\Local\oobelibMkey.log 2017-06-06 19:05 - 2017-06-06 19:05 - 000000224 _____ () C:\Users\Drew Owens\AppData\Local\poetsch.bat 2015-04-06 13:13 - 2017-06-12 09:59 - 000000600 _____ () C:\Users\Drew Owens\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================